1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Critical Updates Available For Flash Media Server, Photoshop Cs5 And Robohelp

Discussion in 'Security Updates' started by starbuck, Aug 11, 2011.

  1. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Adobe has released security updates for Flash Media Server, Photoshop CS5 and RoboHelp in order to address critical security vulnerabilities in the products.

    The flaw patched in Flash Media Server (FMS) can be exploited by an attacker to achieve a denial of service condition and prevent legitimate users from accessing content.

    The vulnerability is identified as CVE-2011-2132 in the Common Vulnerabilities and Exposures database and is credited to Knud Erik Højgaard of nsense.

    "Adobe recommends Flash Media Server (FMS) users update their installations to Flash Media Server 4.0.3 or Flash Media Server 3.5.7 respectively," the company writes.

    Meanwhile, a memory corruption vulnerability that can lead to arbitrary code execution was addressed in Adobe Photoshop CS5 and CS5.1.

    The flaw (CVE-2011-2131) was reported by Francis Provencher of Protek Research Lab and can be exploited by tricking victims into opening maliciously-crafted GIF files.

    Finally, a cross-site scripting (XSS) weakness was identified and patched in RoboHelp, Adobe's help authoring tool. The flaw (CVE-2011-2133) can be exploited by opening a specially-crafted URL.

    Patches have been released for RoboHelp 9 (versions 9.0.1.232 and earlier), RoboHelp 8, RoboHelp Server 9 and RoboHelp Server 8 for Windows.

    Unlike the vulnerabilities in the other two products, Adobe rates this XSS weakness as important. It was discovered and reported by Roberto Suggi Liverani of Security-Assessment.com.

    Adobe has also released critical security updates for Flash Player and Shockwave Player which users are advised to install as soon as possible.

    The company got into an argument with a security researcher over the actual number of vulnerabilities fixed in the Flash Player release. Google security engineer Tavis Ormandy claims that the new version addresses a number of 400 vulnerabilities that he discovered in the product during a security audit.


    Source:
    http:/ ews.softpedia.com ews/Critical-Updates-Available-for-Flash-Media-Server-Photoshop-CS5-and-RoboHelp-216229.shtml
     
    starbuck, Aug 11, 2011
    #1

Share This Page