RedHat Security Advisory RHSA-2009:1189

The remote host is missing updates announced in advisory RHSA-2009:1189. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these fla...

Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Windows)

This host is installed with Adobe Flash Player/Air and is prone to multiple Denial of Service vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeprdtsmultdosvulnaug09win.nasl 8210 2017-12-21 10:26:31Z cfischer $ Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 Windows Authors:...

Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Linux)

This host is installed with Adobe Flash Player/Air and is prone to multiple Denial of Service vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeprdtsmultdosvulnaug09lin.nasl 6476 2017-06-29 07:32:00Z cfischer $ Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 Linux Authors: Shara...

Spoofing

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "clickjacking vulnerability."...

CVE-2009-1867

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "clickjacking vulnerability."...

CVE-2009-1867

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "clickjacking vulnerability."...

CVE-2009-1867

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "clickjacking vulnerability."...

CVE-2009-1867

CVE-2009-1867: Adobe Flash Player (before 9.0.246.0 and before 10.0.32.18 for 10.x) and Adobe AIR before 1.5.2 are affected by a clickjacking vulnerability. The issue can trick a user into (1) selecting a link or (2) completing a dialog. Remediation is to update Flash Player to a newer version (e...

flash-plugin: multiple information disclosure flaws (APSB09-10)

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "clickjacking vulnerability."...

Critical: Red Hat Security Advisory: flash-plugin security update

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a Mozilla Firefox...

flash-plugin: multiple information disclosure flaws (APSB09-10)

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "clickjacking vulnerability."...

Critical: Red Hat Security Advisory: flash-plugin security update

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a Mozilla Firefox compatib...

Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10)

Binary data 5109.prm...

Adobe AIR < 1.5.2 Multiple Vulnerabilities (APSB09-10)

The remote Windows host contains a version of Adobe AIR Player that is earlier than 1.5.2. Such versions are reportedly affected by multiple vulnerabilities : - A memory corruption vulnerability that could potentially lead to code execution. CVE-2009-1862 - A privilege escalation vulnerability th...

Mozilla Tackles XSS Vulnerabilities, Clickjacking Attacks

Mozilla’s security engineers are working on new technology that promises to mitigate a large class of Web application vulnerabilities, especially the cross-site scripting XSS plague against modern Web browsers. The project, called Content Security Policy, is designed to shut down XSS attacks by...

Social networking attacks target enterprise data

By Alex Rothacker, Team SHATTER It seems as though the latest rash of threats and attacks all have a familiar ring to them: they’re all aimed at social networking sites like Twitter and Facebook, which is interesting, because smart attackers will use whatever means possible to get to the stuff th...

Threatpost News Wrap #3: Patch releases, RFC1918 attack

Threatpost editors Ryan Naraine and Dennis Fisher discuss this week’s massive patch releases by Microsoft, Adobe and Apple, the RFC1918 attack paper by Robert Hansen and who they’d pick in a rotisserie hacker draft. Download SHOW NOTES: New attack class exploits intranet weaknesses The time has...

CVE-2009-1681

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a craft...

Design/Logic Flaw

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a craft...

CVE-2009-1681

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a craft...