CERT RENATER advisories

Date: Tue, 12 Apr 2011 10:04:52 +0200
Type: VULN
Subject: CERT-Renater : 2011/VULN308 (Adobe : critical vulnerability in Adobe Flash Player, Adobe Reader and Acrobat)
====================================================================
                                    CERT-Renater

                         Information Note No. 2011/VULN308
_____________________________________________________________________

DATE                      : 12/04/2011

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Adobe Flash Player versions 10.2.153.1 and earlier,
                              Adobe Flash Player versions 10.2.154.25 and earlier for Chrome users,
                              Adobe Flash Player versions 10.2.156.12 and earlier for Android,
                              Adobe Reader versions 9.x, 10.x,
                              Adobe Acrobat version 9.x, 10.x.

======================================================================
http://www.adobe.com/support/security/advisories/apsa11-02.html
______________________________________________________________________

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

Release date: April 11, 2011

Vulnerability identifier: APSA11-02

CVE number: CVE-2011-0611

Platform: See "Affected software versions" section below for details

Summary

A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions
(Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows,
Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier
versions for Android, and the Authplay.dll component that ships with Adobe
Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and
Macintosh operating systems.

This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an
attacker to take control of the affected system. There are reports that this
vulnerability is being exploited in the wild in targeted attacks via a Flash
(.swf) file embedded in a Microsoft Word (.doc) file delivered as an email
attachment, targeting the Windows platform. At this time, Adobe is not aware of
any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X
Protected Mode mitigations would prevent an exploit of this kind from
executing.

We are in the process of finalizing a schedule for delivering updates for Flash
Player 10.2.x and earlier versions for Windows, Macintosh, Linux, Solaris and
Android, Adobe Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows
and Macintosh, Adobe Reader X (10.0.2) for Macintosh, and Adobe Reader 9.4.3
and earlier 9.x versions for Windows and Macintosh. Because Adobe Reader X
Protected Mode would prevent an exploit of this kind from executing, we are
currently planning to address this issue in Adobe Reader X for Windows with the
next quarterly security update for Adobe Reader, currently scheduled for June
14, 2011.

Affected software versions

     * Adobe Flash Player 10.2.153.1 and earlier versions for Windows,
       Macintosh, Linux and Solaris operating systems
     * Adobe Flash Player 10.2.154.25 and earlier for Chrome users
     * Adobe Flash Player 10.2.156.12 and earlier for Android
     * The Authplay.dll component that ships with Adobe Reader and Acrobat X
       (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh
       operating systems

NOTE: Adobe Reader 9.x for UNIX, Adobe Reader for Android, and Adobe Reader and
Acrobat 8.x are not affected by this issue.
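As an added example, not part of the CERT-Renater or Adobe text, the following Python encodes the affected-version ceilings listed above so that a software inventory export can be triaged against them; the product keys, platform keys and sample hosts are constructed for illustration.

```python
from typing import Tuple

Version = Tuple[int, ...]

def parse_version(text: str) -> Version:
    """'10.2.153.1' -> (10, 2, 153, 1); tuples compare the way Adobe orders builds."""
    return tuple(int(part) for part in text.strip().split("."))

# Highest affected Flash Player build per platform, from the list above
# ("... and earlier" means every build <= the ceiling is affected).
FLASH_MAX_AFFECTED = {
    "windows": (10, 2, 153, 1), "macintosh": (10, 2, 153, 1),
    "linux": (10, 2, 153, 1), "solaris": (10, 2, 153, 1),
    "chrome": (10, 2, 154, 25),   # Chrome ships its own Flash build
    "android": (10, 2, 156, 12),
}

def flash_is_affected(version: str, platform: str) -> bool:
    ceiling = FLASH_MAX_AFFECTED.get(platform.lower())
    if ceiling is None:
        raise ValueError(f"platform not covered by APSA11-02: {platform}")
    return parse_version(version) <= ceiling

def reader_acrobat_is_affected(version: str, platform: str) -> bool:
    """Reader/Acrobat 9.x and 10.x up to 10.0.2 on Windows/Macintosh are affected;
    8.x, Reader 9.x for UNIX and Reader for Android are not (NOTE above)."""
    if platform.lower() not in ("windows", "macintosh"):
        return False
    v = parse_version(version)
    if v[0] == 9:
        return True
    return v[0] == 10 and v <= (10, 0, 2)

def triage(inventory):
    """Yield (host, product, version) for rows whose installed build is affected.
    Rows are (host, product, platform, version); product keys are assumed names."""
    checks = {"flash": flash_is_affected, "reader": reader_acrobat_is_affected,
              "acrobat": reader_acrobat_is_affected}
    for host, product, platform, version in inventory:
        if checks[product](version, platform):
            yield host, product, version

SAMPLE_INVENTORY = [  # constructed sample, not real hosts
    ("ws01", "flash", "windows", "10.2.153.1"),    # at the ceiling: affected
    ("ws02", "flash", "chrome", "10.2.154.26"),    # one build above: not affected
    ("ws03", "reader", "windows", "9.4.3"),
    ("ws04", "reader", "unix", "9.4.3"),           # UNIX Reader excluded
    ("ws05", "acrobat", "macintosh", "10.0.3"),    # above the 10.0.2 ceiling
    ("ws06", "reader", "windows", "8.2.6"),        # 8.x excluded
]
```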

Severity rating

Adobe categorizes this as a critical issue.

Details

A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions
(Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows,
Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier
versions for Android, and the Authplay.dll component that ships with Adobe
Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows
and Macintosh operating systems.

This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an
attacker to take control of the affected system. There are reports that this
vulnerability is being exploited in the wild in targeted attacks via a Flash
(.swf) file embedded in a Microsoft Word (.doc) file delivered as an email
attachment, targeting the Windows platform. At this time, Adobe is not aware of
any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X
Protected Mode mitigations would prevent an exploit of this kind from
executing.

We are in the process of finalizing a schedule for delivering updates for Flash
Player 10.2.x and earlier versions for Windows, Macintosh, Linux, Solaris and
Android, Adobe Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows
and Macintosh, Adobe Reader X (10.0.2) for Macintosh, and Adobe Reader 9.4.3
and earlier 9.x versions for Windows and Macintosh. Because Adobe Reader X
Protected Mode would prevent an exploit of this kind from executing, we are
currently planning to address this issue in Adobe Reader X for Windows with
the next quarterly security update for Adobe Reader, currently scheduled for
June 14, 2011.

Users may monitor the latest information on the Adobe Product Security Incident
Response Team blog at http://blogs.adobe.com/psirt or by subscribing to the RSS
feed at http://blogs.adobe.com/psirt/atom.xml.

Adobe actively shares information about this and other vulnerabilities with
partners in the security community to enable them to quickly develop detection
and quarantine methods to protect users until a patch is available. As always,
Adobe recommends that users follow security best practices by keeping their
anti-malware software and definitions up to date.
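As an added defender-side example, not part of the CERT-Renater or Adobe advisory, the following Python scans an arbitrary file for embedded SWF headers, the delivery vector described above (a .swf inside a .doc attachment), and applies plausibility checks so that random byte runs spelling "FWS"/"CWS" are not reported. The OLE-style container and the SWF body are constructed here and are not real malicious content.

```python
import re
import struct
import zlib

# SWF header layout: 3-byte signature, 1-byte version, 4-byte little-endian
# length of the uncompressed file. "FWS" = uncompressed, "CWS" = zlib-compressed body.
SWF_SIGNATURE = re.compile(rb"[FC]WS")

def find_embedded_swf(data: bytes, max_version: int = 40):
    """Return (offset, signature, version, declared_length) for every plausible
    SWF header found anywhere in `data`, e.g. a .doc pulled from a mail gateway."""
    hits = []
    for match in SWF_SIGNATURE.finditer(data):
        off = match.start()
        if off + 8 > len(data):
            break
        sig = data[off:off + 3].decode("ascii")
        version = data[off + 3]
        length = struct.unpack_from("<I", data, off + 4)[0]
        # Plausibility filters: sane version byte and a length that covers the header.
        if not 1 <= version <= max_version or length < 8:
            continue
        if sig == "FWS" and length > len(data) - off:
            continue  # an uncompressed SWF cannot claim more bytes than remain
        if sig == "CWS":
            try:  # the compressed body must at least start as a valid zlib stream
                zlib.decompressobj().decompress(data[off + 8:off + 72])
            except zlib.error:
                continue
        hits.append((off, sig, version, length))
    return hits

# --- constructed sample: OLE-style container with a decoy and one real SWF header ---
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"

def build_swf(signature: bytes, body: bytes, version: int = 10) -> bytes:
    """Wrap `body` in an SWF header; compress it when the signature is CWS."""
    payload = zlib.compress(body) if signature == b"CWS" else body
    return signature + bytes([version]) + struct.pack("<I", 8 + len(body)) + payload

SWF_BODY = b"\x78\x00\x05\x5f\x00\x00\x0f\xa0\x00" + b"\x00" * 40  # placeholder, not a real tag stream
DECOY = b"FWS\x00" + b"\x00" * 4                                    # version 0: must be rejected
SAMPLE_DOC = OLE_MAGIC + b"\x00" * 24 + DECOY + b"Normal.dotm" + build_swf(b"CWS", SWF_BODY) + b"\x00" * 16

if __name__ == "__main__":
    for off, sig, ver, length in find_embedded_swf(SAMPLE_DOC):
        print(f"SWF header at offset {off}: {sig} v{ver}, declared length {length}")
```

On a mail gateway the same function can be run over every OLE attachment; a hit is a reason to quarantine the message for analysis, not proof of exploitation on its own.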

Acknowledgments

Adobe would like to thank Mila Parkour (http://contagiodump.blogspot.com) for
working with Adobe on this issue to help protect our customers.


======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================