November 6th, 2008

Adobe updates Flash Player 9 to fix six security holes

Posted by Ryan Naraine @ 6:37 am

Categories: Adobe, Arbitrary Code Execution, Browsers, Data theft, Denial of Service (DoS), Exploit code, Flash, Patch Watch, Responsible disclosure, Vulnerability research

Tags: Adobe Systems Inc., Allaire ColdFusion, Macromedia Flash Player, Development Tools, Security, Software Development, Software/Web Development, Ryan Naraine

Adobe has slapped another band-aid on its ever-present Flash Player to cover at least six documented security vulnerabilities that could expose users to a wide range of hacker attacks.

The patch, rated “critical” by Adobe, affects Flash Player 9.0.124.0 on all platforms. Adobe is recommending that users upgrade immediately to Flash Player 10.

The skinny on the latest Flash Player vulnerabilities:

  • CVE-2008-4818: This update includes a change to the way Flash Player interprets HTTP response headers to prevent a potential cross-site scripting attack.
  • CVE-2008-4819: This update introduces a change to mitigate a potential issue that could aid an attacker in executing a DNS rebinding attack.
  • CVE-2008-4823: This update introduces stricter interpretation of an ActionScript attribute to prevent a potential HTML injection issue.
  • CVE-2008-4822: This update prevents an issue with policy file interpretation that could potentially lead to bypass of a non-root domain policy.
  • CVE-2008-4821: This update prevents an issue with the Flash Player interpretation of jar: protocol on Mozilla browsers that could potentially lead to information disclosure.
  • CVE-2008-4820: This update prevents a potential Windows-only information disclosure issue in the Flash Player ActiveX control.

Adobe provides this page to help end users determine which version of Flash Player is installed on a system. Keep in mind that any version below Flash Player 9.0.151.0 will be vulnerable to these attack scenarios.
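The version threshold above is the kind of thing an administrator ends up checking across a fleet, and it is easy to get wrong with a plain string comparison. As an added example (not from the post or from Adobe), the snippet below parses both the dotted form used in bulletins and the comma form the player itself reports, compares component-wise against 9.0.151.0, and triages a constructed inventory; the host names and reported strings are made up.

```python
import re
from typing import Iterable, List, Optional, Tuple

# Fixed version named in the post: anything below this is still exposed.
FIXED_VERSION = "9.0.151.0"

def parse_flash_version(raw: str) -> Optional[Tuple[int, ...]]:
    """Turn a Flash version string into a comparable tuple of integers.

    Accepts the dotted form used in Adobe bulletins ("9.0.124.0") and the
    comma form the player reports about itself ("WIN 9,0,124,0"). Returns
    None when no version is present so the caller can treat it as unknown.
    """
    m = re.search(r"(\d+)[.,](\d+)[.,](\d+)[.,](\d+)", raw)
    if not m:
        return None
    return tuple(int(part) for part in m.groups())

def is_vulnerable(raw: str, fixed: str = FIXED_VERSION) -> Optional[bool]:
    """True if the reported version is below the fixed one, None if unparseable.

    Tuples compare component-wise, so 9.0.99.0 is correctly seen as older
    than 9.0.151.0; a string comparison would get that wrong ("9" > "1").
    """
    found = parse_flash_version(raw)
    if found is None:
        return None
    return found < parse_flash_version(fixed)

def triage(inventory: Iterable[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Label each (host, reported_version) pair vulnerable / patched / unknown."""
    result = []
    for host, reported in inventory:
        verdict = is_vulnerable(reported)
        label = "unknown" if verdict is None else ("vulnerable" if verdict else "patched")
        result.append((host, reported, label))
    return result

# Constructed sample inventory (hosts are not real); the strings mimic what the
# player's own version check reports on each platform.
SAMPLE_INVENTORY = [
    ("ws-01", "WIN 9,0,124,0"),   # the build the bulletin says is affected
    ("ws-02", "WIN 9,0,151,0"),   # the fixed Flash Player 9 build
    ("ws-03", "MAC 10,0,12,36"),  # a Flash Player 10 build, the recommended upgrade
    ("ws-04", "LNX 9,0,99,0"),    # older build; lexical compare would call it patched
    ("ws-05", "not installed"),   # no version reported at all
]

if __name__ == "__main__":
    for host, reported, label in triage(SAMPLE_INVENTORY):
        print(f"{host:6} {reported:16} {label}")
```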

Separately, Adobe released Security Bulletin ASPB08-21 to resolve a potential privilege escalation issue that is particularly applicable to ColdFusion servers in a shared hosting environment:

  • A vulnerability in ColdFusion could allow a lower-privileged user to bypass sandbox security and access sensitive information, and could potentially lead to a privilege escalation attack. This issue is particularly applicable to ColdFusion servers in a shared hosting environment. This issue is not remotely exploitable.

Affected software versions are ColdFusion 8, ColdFusion 8.0.1 and ColdFusion MX 7.0.2.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Talkback (most recent of 7)

www.adobe.com/go/full_flashplayer_win_msi
Yeah and all their fixes did not work until I got to a live person. They are as bad or worse than Microsoft!!!! Use this one www.adobe.com/go/full_flashplayer_win_msi

Good god somebody needs to be fired over this crap I spent 3 hours getting this.... (Read the rest)
Posted by: stersource | 11/06/08

Other Talkbacks:
  • Job Security at Adobe  jpr75_z | 11/06/08
  • My HP printer still uses the old 9 vulnerable version  qmlscycrajg | 11/06/08
  • Why would HP Solution Center use Flash?  Grayson Peddie | 11/06/08
  • In a nutshell, yes  balaknair | 11/06/08
  • RE: Adobe updates Flash Player 9 to fix six security holes  gfoster@... | 11/06/08
  • Try this method  balaknair | 11/06/08
  • www.adobe.com/go/full_flashplayer_win_msi  stersource | 11/06/08
