A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. This vulnerability also affects Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh. This vulnerability (CVE-2010-2884) could cause a crash and potentially allow an attacker to take control of the affected system. References: http://www.adobe.com/support/security/advisories/apsa10-03.html
Common Vulnerabilities and Exposures assigned an identifier CVE-2010-2884 to the following vulnerability: Name: CVE-2010-2884 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2884 Assigned: 20100727 Reference: CONFIRM: http://www.adobe.com/support/security/advisories/apsa10-03.html Reference: SECUNIA:41434 Reference: URL: http://secunia.com/advisories/41434 Reference: SECUNIA:41435 Reference: URL: http://secunia.com/advisories/41435 Reference: SECUNIA:41443 Reference: URL: http://secunia.com/advisories/41443 Reference: VUPEN:ADV-2010-2348 Reference: URL: http://www.vupen.com/english/advisories/2010/2348 Reference: VUPEN:ADV-2010-2349 Reference: URL: http://www.vupen.com/english/advisories/2010/2349 Reference: XF:adobe-flash-content-code-execution(61771) Reference: URL: http://xforce.iss.net/xforce/xfdb/61771 Unspecified vulnerability in Adobe Flash Player 10.1.82.76 and earlier for Windows, Macintosh, Linux, Solaris; Flash Player 10.1.92.10 for Android; Reader 9.3.4 for Windows, Macintosh and UNIX; and Acrobat 9.3.4 and earlier for Windows and Macintosh allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, as exploited in the wild in September 2010.
Updates for Adobe Flash Player are now available via APSB10-22: http://www.adobe.com/support/security/bulletins/apsb10-22.html Flash 10 fixed in version: 10.1.85.3 Flash 9 fixed in version: 9.0.283
This issue has been addressed in following products: Extras for RHEL 3 Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0706 https://rhn.redhat.com/errata/RHSA-2010-0706.html
This issue has been addressed in following products: Extras for RHEL 4 Extras for Red Hat Enterprise Linux 5 Via RHSA-2010:0743 https://rhn.redhat.com/errata/RHSA-2010-0743.html