Release date: 2011-11-09
Updated on: 2011-11-16
Affected Systems:
Adobe Flash Player 9.x
Adobe Flash Player 10.x
Adobe AIR 3.x
Unaffected system:
Adobe Flash Player for Android 11.1.102.59
Adobe Flash Player 11.1.102.55
Adobe AIR 3.1.0.4880
Description:
--------------------------------------------------------------------------------
Bugtraq id: 50629
Cve id: CVE-2011-2458
Adobe Flash Player is an integrated multimedia Player.
Adobe Flash Player has a Security Restriction Bypass Vulnerability. Remote attackers can exploit this vulnerability to bypass some same-source policy restrictions.
<* Source: lakehu
Link: http://www.adobe.com/support/security/bulletins/apsb11-28.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Adobe
-----
Adobe has released a Security Bulletin (APSB11-28) and patches for this:
APSB11-28: Security update available for Adobe Flash Player
Link: http://www.adobe.com/support/security/bulletins/apsb11-28.html