===================================================================== CERT-Renater Note d'Information No. 2007/VULN523 _____________________________________________________________________ DATE : 19/12/2007 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running Adobe Flash Player, Adobe Golive. ====================================================================== - ------------------------------------------------------------ Adobe Security Bulletin: - - Flash Player update available to address security vulnerabilities - - Bulletin update: GoLive update to address potential security vulnerabilities - ------------------------------------------------------------- APSB07-20 - Flash Player update available to address security vulnerabilities Originally posted: December 18, 2007 Summary: Critical vulnerabilities have been identified in Adobe Flash Player that could allow an attacker who successfully exploits these potential vulnerabilities to take control of the affected system. A malicious SWF must be loaded in Flash Player by the user for an attacker to exploit these potential vulnerabilities. Users are recommended to update to the most current version of Flash Player available for their platform. Severity Rating: Adobe categorizes this update as critical http://direct.adobe.com/r?xJlnWnvElWvqEcHHqJcJW Adobe recommends that users apply this update to their installations. Learn more: http://direct.adobe.com/r?xJlnWnvElqJcEcHHqJccT - ------------------------------------------------------------ APSB07-17 - GoLive update to address potential security vulnerabilities (bulletin update) Originally posted: October 9, 2007 Summary: An updated GoLive PNG plug-in for Mac is now available. Severity Rating: Adobe categorizes this update as critical http://direct.adobe.com/r?xJlnWnvElWvqEcHHqJcJW Adobe recommends that users apply this update to their installations. Learn more: http://direct.adobe.com/r?xJlnWnvElqJJEcHHqJccv - ----------------------------------------------------------- ANY INFORMATION, PATCHES, DOWNLOADS, WORKAROUNDS, OR FIXES PROVIDED BY ADOBE IN THIS BULLETIN ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. ADOBE AND ITS SUPPLIERS DISCLAIM ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED OR OTHERWISE, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. ALSO, THERE IS NO WARRANTY OF NON-INFRINGEMENT, TITLE, OR QUIET ENJOYMENT. (USA ONLY) SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. IN NO EVENT SHALL ADOBE, INC. OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE, COVER, LOSS OF PROFITS, BUSINESS INTERRUPTION, OR THE LIKE, OR LOSS OF BUSINESS DAMAGES, BASED ON ANY THEORY OF LIABILITY INCLUDING BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADOBE, INC. OR ITS SUPPLIERS OR THEIR REPRESENTATIVES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. (USA ONLY) SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THE ABOVE EXCLUSION OR LIMITATION MAY NOT APPLY TO YOU AND YOU MAY ALSO HAVE OTHER LEGAL RIGHTS THAT VARY FROM STATE TO STATE. Adobe reserves the right, from time to time, to update the information in this document with current information. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================