Posted on Monday, June 07 2010 @ 16:25 CEST by Thomas De Maesschalck
The company is working on a fix but it's unknown when a patch will be available. The latest official versions of Adobe Flash Player, Reader and Acrobat are all affected, while Adobe Reader and Acrobat 8.x are confirmed not vulnerable. Additionally, Adobe also mentions that Flash Player 10.1 RC does not appear to be vulnerable.
A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix.
Affected software versions
Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX
MItigations
Adobe Flash Player
The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/technologies/flashplayer10/ does not appear to be vulnerable.
Adobe Reader and Acrobat
Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content.
The authplay.dll that ships with Adobe Reader and Acrobat 9.x for Windows is typically located at C: Program FilesAdobeReader 9.0Readerauthplay.dll for Adobe Reader or C: Program FilesAdobeAcrobat 9.0Acrobatauthplay.dll for Acrobat.
