Bugzilla – Bug 612063
VUL-0: CVE-2010-1297: flash-player remote code exec
Last modified: 2019-05-01 15:22:13 UTC
Your friendly security team received the following report. Please respond ASAP. The issue is public. Adobe reports an exploitable code execution problem that affects flash-player: http://www.adobe.com/support/security/advisories/apsa10-01.html --------------------------------------------------------------- Security Advisory for Flash Player, Adobe Reader and Acrobat Release date: June 4, 2010 Vulnerability identifier: APSA10-01 CVE number: CVE-2010-1297 Platform: All Summary A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix. Affected software versions Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX Note: The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/ technologies/flashplayer10/ does not appear to be vulnerable. Adobe Reader and Acrobat 8.x are confirmed not vulnerable. MItigations Adobe Flash Player The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/ technologies/flashplayer10/ does not appear to be vulnerable. Adobe Reader and Acrobat Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content. The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat. Severity rating Adobe categorizes this as a critical issue. Details A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/ technologies/flashplayer10/ does not appear to be vulnerable. Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Mitigation is available for Adobe Reader and Acrobat 9.x customers as detailed above.
currently no fix is available: http://www.adobe.com/support/security/advisories/apsa10-01.html swampid?
Update expected on June 10th
updates submitted, however standalone player is not yet updated !!!
CVEs from http://adobe.com/support/security/bulletins/apsb10-14.html: ======================================================================== This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-1297). Note: There are reports that this issue is being actively exploited in the wild. This update resolves a memory exhaustion vulnerability that could lead to code execution (CVE-2009-3793). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2160). This update resolves an indexing vulnerability that could lead to code execution (CVE-2010-2161). This update resolves a heap corruption vulnerability that could lead to code execution (CVE-2010-2162). This update resolves multiple vulnerabilities that could lead to code execution (CVE-2010-2163). This update resolves a use after free vulnerability that could lead to code execution (CVE-2010-2164). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2165). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2166). This update resolves multiple heap overflow vulnerabilities that could lead to code execution (CVE-2010-2167). This update resolves a pointer memory corruption that could lead to code execution (CVE-2010-2169). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2010-2170). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2171). This update resolves a denial of service issue on some UNIX platforms (Flash Player 9 only) (CVE-2010-2172). This update resolves an invalid pointer vulnerability that could lead to code execution (CVE-2010-2173). This update resolves an invalid pointer vulnerability that could lead to code execution (CVE-2010-2174). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2175). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2176). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2177). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2178). This update resolves a URL parsing vulnerability that could lead to cross-site scripting (Firefox and Chrome browsers only) (CVE-2010-2179). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2180). This update resolves an integer overflow vulnerability that could lead to code execution (CVE-2010-2181). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2182). This update resolves a integer overflow vulnerability that could lead to code execution (CVE-2010-2183). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2184). This update resolves a buffer overflow vulnerability that could lead to code execution (CVE-2010-2185). This update resolves a denial of service vulnerability that can cause the application to crash. Arbitrary code execution has not been demonstrated, but may be possible. (CVE-2010-2186). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2187). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2188). This update resolves a memory corruption vulnerability that could lead to code execution (CVE-2010-2189). Note: This issue occurs only on VMWare systems with VMWare Tools enabled. This update resolves a denial of service issue (CVE-2008-4546). ========================================================================
The SWAMPID for this issue is 33873. This issue was rated as important. Please submit fixed packages as soon as possible. When done, please reassign the bug to security-team@suse.de. Patchinfo will be handled by security team.
we are releasing the box update consciously decoupled from the maintenance updates due to severity of this issue.
Update released for: flash-player Products: openSUSE 11.0 (i386) openSUSE 11.1 (i586) openSUSE 11.2 (i586)
The updates for SLED11 and SLED11SP1 are not fixed in all parts: /usr/bin/flashplayer -v WARNING: environment variable G_FILENAME_ENCODING set and it is not UTF-8 10,0,45,2 In contrast, firefox / about:plugins says Shockwave Flash 10.1 R53
so standalone player still not updated. however i released the updates now (except moblin)
Update released for: flash-player Products: SLE-DESKTOP 11 (i386, x86_64)
Update released for: flash-player Products: SLE-DESKTOP 11-SP1 (i386, x86_64)
Update released for: flash-player Products: SLE-DESKTOP 10-SP3 (i386, x86_64)
close , just moblin not yet released.
This is an autogenerated message for OBS integration: This bug (612063) was mentioned in https://build.opensuse.org/request/show/41338 Factory:NonFree / flash-player https://build.opensuse.org/request/show/41339 11.2:Test / flash-player