Adobe Advisories

From FlashSec

Contents 1 Connect 2 Flash Communication Server 3 Flash Media Server 4 Flash Player & Flex 5 Flash 6 Livecycle 7 MX 2004 products

The complete list of Adobe Security Bulletins and Advisories can be found here.

[edit] Connect

• 09/11/2007: APSB07-14 Patch available for Adobe Connect Enterprise Server information disclosure issue

[edit] Flash Communication Server

• 11/15/2005: MPSB05-09 Security Patch for Insufficient Validation in Flash Communication Server

[edit] Flash Media Server

• 04/30/2009: APSB09-05 Updates available to address Flash Media Server privilege escalation issues
• 12/02/2008: APSB08-03 Update available to address Flash Media Server security issues
• 12/15/2005: MPSB05-11 Administrator Interface Denial of Service Vulnerability in Flash Media Server

[edit] Flash Player & Flex

• 08/19/2009: APSB09-13 Security update available for Flex SDK
• 07/30/2009: APSB09-10 Security updates available for Adobe Flash Player, Adobe Reader and Acrobat
• 07/22/2009: APSA09-03 Security advisory for Adobe Reader, Acrobat and Flash Player
• 02/24/2009: APSB09-01 Flash Player update available to address security vulnerabilities
• 12/17/2008: APSB08-24 Security update available for Linux Flash Player 10.0.12.36 and Linux Flash Player 9.0.151.0
• 11/17/2008: APSB08-23 AIR update available to address security vulnerabilities
• 11/17/2008: APSB08-22 Additional disclosure of security vulnerabilities fixed in Flash Player 10.0.12.36 and Flash Player 9.0.151.0
• 11/05/2008: APSB08-20 Flash Player update available to address security vulnerabilities (Update to 9.0.151.0)
• 10/15/2008: APSB08-18 Flash Player update available to address security vulnerabilities (Update to 10.0.12.36)
• 10/07/2008: APSA08-08 Flash Player workaround available for "Clickjacking" issue
• 06/17/2008: APSB08-14 Update to Flex 3 to address potential cross-site scripting vulnerability
• 04/08/2008: APSB08-11 Flash Player update available to address security vulnerabilities
• 12/23/2007: APSA07-06 Vulnerabilities in some SWF files could allow cross-site scripting
• 12/18/2007: APSB07-20 Flash Player update available to address security vulnerabilities
• 10/17/2007: APSA07-05 Potential Vulnerability with Adobe Flash Player and Opera on Mac OSX
• 07/10/2007: APSB07-12 Flash Player update available to address security vulnerabilities
• 04/11/2007: APSA07-03 Opera update available for vulnerability with Adobe Flash Player and Opera browser on Linux and Solaris
• 11/14/2006: APSB06-18 Update available for HTTP Header Injection Vulnerabilities in Adobe Flash Player
• 09/12/2006: APSB06-11 Multiple Vulnerabilities in Adobe Flash Player 8.0.24.0 and Earlier Versions
• 03/14/2006: APSB06-03 Flash Player Update to Address Security Vulnerabilities
• 11/02/2005: MPSB05-07 Flash Player 7 Improper Memory Access Vulnerability
• 12/16/2003: MPSB03-08 Update to Flash Player Addressing Local Shared Object Security
• 03/03/2003: MPSB03-03 Security Patch for Macromedia Flash Player
• 12/12/2002: MPSB02-15 Macromedia Flash Malformed Header Vulnerability Issue
• 08/08/2002: MPSB02-09 Macromedia Flash Malformed Header Vulnerability Issue
• 08/08/2002: MPSB02-10 Macromedia Flash URL Modification Issue
• 06/12/2002: MPSB02-08 Macromedia Flash Player Cross Server Scripting Security Issue

[edit] Flash

• 10/15/2008: APSA08-09 Potential vulnerability in Flash CS3 Professional
• 03/19/2008: APSA08-03 Potential vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8

[edit] Livecycle

• 04/11/2006: LiveCycle information disclosure to OBSOLETE users

[edit] MX 2004 products

• 06/09/2005: MPSB05-04 Potential Security Risk with Macromedia eLicensing Client Activation Code
• 09/22/2004: MPSB04-07 Macromedia Products Not Affected by Microsoft JPEG/GDIPlus Vulnerability
• 03/12/2004: MPSB04-03 Potential Security Risk with Macromedia E-Licensing Client Activation Code