TITLE:
Microsoft Windows Flash Player Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA27105

VERIFY ADVISORY:
http://secunia.com/advisories/27105/

DESCRIPTION:
Secunia Research has discovered a vulnerability in Windows XP, which
can be exploited by malicious people to compromise a user's system.

The vulnerability is caused by a use-after-free error in the bundled
version of Flash Player when unloading Flash objects while these are
still being accessed using script code. This can be exploited to
corrupt memory via a specially crafted web page.

Successful exploitation allows execution of arbitrary code.

The vulnerability is confirmed in Flash Player bundled with a fully
patched Windows XP SP2 and is also confirmed in an old version 6.0.79
of Adobe Flash Player.

NOTE: The version of Flash Player bundled with Windows XP is also
affected by a number of other vulnerabilities previously disclosed
and fixed in later versions of Adobe Flash Player.

SOLUTION:
Uninstall the bundled version of Flash Player and optionally install
the latest supported version of Flash Player from Adobe.

PROVIDED AND/OR DISCOVERED BY:
Carsten Eiram and Dyon Balding, Secunia Research.

The vendor also credits:
* Will Dormann of CERT/CC.
* TippingPoint and the Zero Day Initiative.

CHANGELOG:
2010-01-13: Added link to US-CERT and Microsoft advisories. Updated
credits.

ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2007-77/

Microsoft:
http://www.microsoft.com/technet/security/advisory/979267.mspx

US-CERT VU#204889:
http://www.kb.cert.org/vuls/id/204889

OTHER REFERENCES:
How to remove the Flash Player ActiveX control:
http://kb2.adobe.com/cps/127/tn_12727.html

How to uninstall the Adobe Flash Player plug-in and ActiveX control:
http://kb2.adobe.com/cps/141/tn_14157.html