1. Skip to navigation
  2. Skip to content
  3. Skip to secondary-content

Where You Are

  1. Labs
  2. Security Threats
  3. Vulnerability Reports
  4. SA201006468

Adobe Flash Player 10.1.53.64 Security Update

Report ID: SA201006468
Source: F-Secure
Date of Discovery: 11.06.2010
Criticality: Critical
Affects:
Adobe Flash Player 10.0.45.2 and earlier versions
Adobe AIR 1.5.3.9130 and earlier versions
Compromise From: From remote
Compromise Type: Cross site scripting
Remote code execution
DoS

Summary

Multiple vulnerabilities in Adobe Flash Player 10.0.45.2 could lead to remote code execution, cross-site scripting and denial of service.

Detailed Description

Adobe has identified multiple vulnerabilities in Flash Player 10.0.45.2 that could result in remote code execution, cross-site scripting and denial of service. An update in version 10.1.53.64 has been released to resolve these issues.

Solution

Update to Adobe Flash Player 10.1.53.64 or later versions (http://get.adobe.com/flashplayer/)**
Update to Adobe AIR 1.5.3.9130 or later versions (http://get.adobe.com/air/)

 

** A patched version of Flash Player 9 is also available at (http://kb2.adobe.com/cps/406/kb406791.html)

Original Reference

APSB10-14: Security update available for Adobe Flash Player (http://www.adobe.com/support/security/bulletins/apsb10-14.html)

CVE Reference

CVE-2008-4546
CVE-2009-3793
CVE-2010-1297
CVE-2010-2160
CVE-2010-2161
CVE-2010-2162
CVE-2010-2163
CVE-2010-2164
CVE-2010-2165
CVE-2010-2166
CVE-2010-2167
CVE-2010-2169
CVE-2010-2170
CVE-2010-2171
CVE-2010-2172
CVE-2010-2173
CVE-2010-2174
CVE-2010-2175
CVE-2010-2176
CVE-2010-2177
CVE-2010-2178
CVE-2010-2179
CVE-2010-2180
CVE-2010-2181
CVE-2010-2182
CVE-2010-2183
CVE-2010-2184
CVE-2010-2185
CVE-2010-2186
CVE-2010-2187
CVE-2010-2188
CVE-2010-2189