Saturday, June 5, 2010

Vulnerability In Adobe Acrobat, Reader And Flash Player

A critical vulnerability has been found in Adobe Acrobat, Reader and Flash Player. By exploiting the vulnerability, an attacker may be able to cause a system crash or execute arbitrary code on the target system.

The vulnerability is related to the way the authplay.dll library (used for handling SWF content) of the affected software handles SWF content. It can be exploited by luring a user of the affected software to visit a specially crafted web site or to open a crafted PDF file. Adobe says that the vulnerability is currently being exploited in the wild.

Affected software:
- Adobe Flash Player 10.0.45.2, 9.0.262 and earlier 10.0.x & 9.0.x series versions
- Adobe Reader and Acrobat 9.3.2 and earlier 9.x series versions

At the moment, no patch for the vulnerability is available, but Flash Player users can mitigate the problem by installing the Flash Player 10.1 Release Candidate, available at http://labs.adobe.com/technologies/flashplayer10/.

For Adobe Reader and Acrobat, deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content. The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll for Adobe Reader or C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll for Acrobat.
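One way to apply the rename mitigation described above across a machine is the PowerShell function below. It is an added example, not part of the original post or Adobe's guidance. The function name `Disable-AuthPlay`, the `.disabled` suffix and the `Program Files (x86)` paths (for 32-bit installs on 64-bit Windows) are assumptions.

```powershell
# Added example: rename authplay.dll so Reader/Acrobat 9.x can no longer load it.
# Run from an elevated shell; -WhatIf gives a dry run that changes nothing.
function Disable-AuthPlay {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # First two paths are the typical locations named in the post;
        # the "(x86)" variants are an assumption for 64-bit Windows.
        [string[]]$Path = @(
            'C:\Program Files\Adobe\Reader 9.0\Reader\authplay.dll',
            'C:\Program Files\Adobe\Acrobat 9.0\Acrobat\authplay.dll',
            'C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll',
            'C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\authplay.dll'
        ),
        [string]$Suffix = '.disabled'   # hypothetical suffix, any non-.dll name works
    )

    foreach ($p in $Path) {
        if (-not (Test-Path -LiteralPath $p -PathType Leaf)) {
            Write-Verbose "Not present: $p"
            continue
        }

        $file    = Get-Item -LiteralPath $p
        $version = $file.VersionInfo.FileVersion      # read before the rename
        $newName = $file.Name + $Suffix
        $target  = Join-Path $file.DirectoryName $newName

        # Do not clobber a copy left by an earlier run.
        if (Test-Path -LiteralPath $target) {
            Write-Warning "$target already exists; leaving $p untouched"
            continue
        }

        if ($PSCmdlet.ShouldProcess($p, "Rename to $newName")) {
            Rename-Item -LiteralPath $p -NewName $newName -ErrorAction Stop
            # Emit a record of each change for later review or rollback.
            [pscustomobject]@{ Path = $p; Version = $version; RenamedTo = $target }
        }
    }
}

Disable-AuthPlay -WhatIf -Verbose   # dry run: lists what would be renamed
```

Dropping `-WhatIf` performs the rename. After that, opening a PDF that contains SWF content produces the non-exploitable crash or error message mentioned above.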
