Adobe Flash Player ActiveX控件信息泄漏漏洞

2009-12-12T00:00:00
ID SSV:15054
Type seebug
Reporter Root
Modified 2009-12-12T00:00:00

Description

Bugraq ID: 37272 CVE ID:CVE-2009-3951

Adobe Flash Player是一款Flash文件处理程序。 Flash Player ActiveX控件中漏洞,允许获得windows平台本地文件名,导致敏感信息泄漏。 攻击者可以构建恶意WEB页,诱使用户访问来触发。

Adobe Flex 3.0 Adobe Flash Player 10.0.32 18 Adobe Flash Player 10.0.22 .87 Adobe Flash Player 10.0.15 .3 Adobe Flash Player 10.0.12 .36 Adobe Flash Player 10.0.12 .35 Adobe Flash Player 10 Adobe Flash CS4 Professional Adobe Flash CS3 Professional Adobe Flash Player 10.0.42 34已经修复此漏洞,建议用户下载使用: http://www.adobe.com/products/flash/