Launchpad.net

CVE 2011-0609

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.

Related bugs and status

CVE-2011-0609 (Candidate) is related to these bugs:

Bug #580523: Flash Plugin / Update Manager / PROXY not being honored

		In	Importance	Status
580523	Flash Plugin / Update Manager / PROXY not being honored	flashplugin-nonfree (Ubuntu)	Medium	Fix Released
580523	Flash Plugin / Update Manager / PROXY not being honored	flashplugin-nonfree (Ubuntu Hardy)	Undecided	Fix Released
580523	Flash Plugin / Update Manager / PROXY not being honored	flashplugin-nonfree (Ubuntu Karmic)	Undecided	Fix Released
580523	Flash Plugin / Update Manager / PROXY not being honored	flashplugin-nonfree (Ubuntu Lucid)	Undecided	Fix Released
580523	Flash Plugin / Update Manager / PROXY not being honored	flashplugin-nonfree (Ubuntu Natty)	Medium	Fix Released
580523	Flash Plugin / Update Manager / PROXY not being honored	flashplugin-nonfree (Ubuntu Maverick)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://blogs.adobe.com...
CONFIRM: http://www.adobe.com/s...
BID: 46860
MISC: http://googlechromerel...
CERT-VN: VU#192052
SECTRACK: 1025210
SECTRACK: 1025211
SECUNIA: 43751
SECUNIA: 43757
SECUNIA: 43772
VUPEN: ADV-2011-0655
CONFIRM: http://www.adobe.com/s...
REDHAT: RHSA-2011:0372
SECUNIA: 43856
VUPEN: ADV-2011-0656
VUPEN: ADV-2011-0688
VUPEN: ADV-2011-0732
SECTRACK: 1025238
SREASON: 8152
SUSE: SUSE-SR:2011:005
XF: adobe-flash-authplay-c...
OVAL: oval:org.mitre.oval:de...