[SingCERT] Security Updates for Adobe Reader, Acrobat, Flash Player and Shockwave Player

Last Updated on Wednesday, 09 February 2011 15:44

[ Summary ]

Critical vulnerabilities in Adobe Reader X (10.0); Adobe Reader 9.4.1 and earlier versions could cause the application to crash and potentially allow an attacker to take control of the affected system. Risk for Adobe Reader X users is significantly lower, as none of these issues bypass Protected Mode mitigations.

Critical vulnerabilities in Adobe Flash Player 10.1.102.64 and earlier versions could cause the application to crash and could potentially allow an attacker to take control of the affected system.

Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.615 and earlier versions could allow an attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected system.

[ Affected Systems ]

• Adobe Reader X (10.0)
• Adobe Reader 9.4.1 and earlier versions
• Adobe Acrobat X (10.0) and earlier versions
• Flash Player 10.1.102.64 and earlier versions
• Shockwave Player 11.5.9.615 and earlier versions

[ Impact Analysis ]

These vulnerabilities could allow an attacker to take complete control of the affected system.

[ Solution/Workaround ]

Updates are available.

[ Reference ]

• http://www.adobe.com/support/security/bulletins/apsb11-01.html
• http://www.adobe.com/support/security/bulletins/apsb11-02.html
• http://www.adobe.com/support/security/bulletins/apsb11-03.html