Vulnerability identifier: APSB09-15

I have Adobe Acrobat Pro 6.0. I'm trying to determine if the critical vulnerability "Vulnerability identifier: APSB09-15" at http://www.adobe.com/support/security/bulletins/apsb09-15.html applies to my version. There are updates available but they are also of the version 6.x. Am I required to purchase version 9.2 in order to protect my computer from the vulnerability?

FIX/PATCH
I have given up...adobe do nothing microsoft do nothing
i have got rid of adobe and gone to foxit for a free reader with zero problems download here http://www.foxitsoftware.com/pdf/reader/
http://download.cnet.com/Foxit-Reader/3000-10743_4-10313206.html?part=dl-116442&subj=dl&tag=button/
suggest you all do the same for reader problems rather than waste your leisure/working time trying to unravel this problem with no help or even acknowledgement in any of these forums from adobe..disgusted. stamp your feet and migrate..enough is enough.this has been going on for months.

Similar Messages

  • Vulnerability identifier: APSB14-04 - Plug-in or ActiveX

    Hi,
    My global Information Security Office informs me to install\patch the local installed Adobe Flash players using the above mentioned identifier.
    However when I have a look at my implemented Symantec\Altiris Patching solution I only see a Plug-in specified within its "APSB14-04" bulletin.
    Does somebody or can somebody help me out if the fix only concerns the Plug-in or also the ActiveX.
    Thanks in advance for helping me with this debacle.
    Kind regards,
    Jürgen

    PlugIn Version: 10.1.102.64 (10.1.102.64)
    Update Flash Player to 10.2.152.26. http://get.adobe.com/flashplayer/

  • DEP update for acrobat Vulnerability identifier: APSA09-07

    I deactivated JavaScript in my Acrobat to prevent the issue Adobe made everyone aware of on 12/1/509. Does the update 9.3.0 take care of this? Can I now enable JavaScript again?

    FIX/PATCH
    I have given up...adobe do nothing microsoft do nothing
    i have got rid of adobe and gone to foxit for a free reader with zero problems download here http://www.foxitsoftware.com/pdf/reader/
    http://download.cnet.com/Foxit-Reader/3000-10743_4-10313206.html?part=dl-116442&subj=dl&tag=button/
    suggest you all do the same for reader problems rather than waste your leisure/working time trying to unravel this problem with no help or even acknowledgement in any of these forums from adobe..disgusted. stamp your feet and migrate..enough is enough.this has been going on for months.

  • SNMP Vulnerability

    Reference Oracle Security Alert #30 Dated: 5 March , 2002. The security alert states that "Oracle has fixed the potential vulnerability identified above in patch/bug fix number 2224724. Patches will be available only for supported releases of EM and Oracle Database on all platforms that require a patch."
    Oracle 8.1x is identified as a vulnerable product. Is there a patch available for Oracle 8.16 running under Windows NT Server?

    Anyone know why I'd be getting this message when I try to install patch 106787-17 (snmp vulnerability)?
    Checking installed patches...
    One or more patch packages included in
    106787-17 are not installed on this system.
    I did a pkginfo -il on all the packages in the directory and they are (4 of them) installed.

    I had the same problems when I tried to install the patch on our E250's running 2.6 and 2.7, Solaris 8 was no problem. I checked (like you did) that I had indeed all the packages installed.
    I was however in the lucky situation that I could just disable SNMP as it was not doing anything useful...
    I think if you look in the patch that you could perhaps just replace the files manually and then restart the service. (I guess it's a good idea to try on only one host first;)
    Good luck,
    Thomas

  • Adobe Flash FAIL:  Adobe Flash Player local storage settings incorrect.  Module 'Resume' feature may not work on this computer.

    Using a Windows 2012 RDS Environment, we have users connecting to a CPD website, and as part of the CPD they need to run a systems checker. When they run the systems checker they get the following error message: "Adobe Flash FAIL:  Adobe Flash Player local storage settings incorrect.  Module 'Resume' feature may not work on this computer". All users are connecting to this environment with Windows CE Clients. I have checked the setting on Adobe Flash and they seem correct, but as each user has its own profile on the RDS session, is there something that I should be setting for each user? I have added the website to the trusted sites and it has made no difference. Any ideas?

    It sounds like what's happening is that Flash Player can't write or read from the local shared objects in the user's redirected home directory because we disallow traversing junctions in the broker process.  This behavior was disabled to address a vulnerability identified in some of John Forshaw's research into the IE broker last year.
    You can enable this behavior by adding the following setting to mms.cfg:
    EnableInsecureJunctionBehavior=1
    That said, you can probably gather from the name of the flag that we don't really recommend this approach, and disable this attack surface by default.  There's some risk that a network attacker could craft content that abuses fundamental issues with how Windows handles Junctions to write to arbitrary locations.
    Unfortunately, there's not a simple or easy workaround that I'm aware of (but it's been ages since I've administered a Windows domain) for this kind of NAS/SAN-backed terminal server environment where Flash is not able to access \Users\<user>\AppData\Roaming\Macromedia\Flash Player\ without traversing a junction.

  • Security Update available for Adobe Reader 8 November 4 2008

    Vulnerability identifier: APSB08-19
    CVE number: CVE-2008-2992, CVE-2008-2549, CVE-2008-4812, CVE-2008-4813, CVE-2008-4817, CVE-2008-4816, CVE-2008-4814, CVE-2008-4815
    Platform: All Platforms
    Summary: Critical vulnerabilities have been identified in Adobe Reader and Acrobat 8.1.2 and earlier versions. These vulnerabilities would cause the application to crash and could potentially allow an attacker to take control of the affected system.
    Adobe Reader 9 and Acrobat 9 are not vulnerable to these issues. Adobe recommends users of Acrobat 8 and Adobe Reader 8 who can't update to Adobe Reader 9 install the 8.1.3 update to protect themselves from potential vulnerabilities.
    Courtesy OF NICK ADSL UK
    http://www.adobe.com/support/downloads/detail.jsp?ftpID=4084

    Does "8.1.2 and earlier versions" mean only earlier versions of v8? Or does it include version 6 and 7 and so on?
    Thanks

  • Can I disable "inspect sqlnet?"

    In a recent Cisco Security Advisory (Advisory ID: cisco-sa-20131009-asa) there is a "SQL*Net Inspection Engine Denial of Service Vulnerability" identified.  I plan to follow the upgrade process to resolve this, however, I will not be able to perform the upgrade for a couple of weeks.
    The temporary work around suggested is to disable SQL*Net inspection:
    ciscoasa(config)# policy-map global_policy
    ciscoasa(config-pmap)# class inspection_default
    ciscoasa(config-pmap-c)# no inspect sqlnet
    This seems simple enough, but I am banging my head on the desk trying to figure out how this will affect any database traffic that may be going through these interfaces.  If the default sqlnet inspection is disabled does that mean I need to add explicit ACL entries per interface to allow that traffic?  I've reviewed the information from this thread: https://supportforums.cisco.com/thread/2005571
    I know there are SQL and Oracle databases on this particular segment, but what confuses me is that there are no rules configured to NAT anything right now.  Is there some sort of way to see if any traffic even matches that default inspection so I know whether it's doing anything right now?
    I seem to be overthinking this because I keep going in circles with my own reasoning.  I'm not sure what config information to include with my question.  I can tell you that there are many interfaces in use.  There is no NAT.  There are multiple security levels.
    Thank you in advance.

    Patrick,
    Thank you!  This was exactly what I was asking for.  In my post I asked the question "Is there some sort of way to see if any traffic even matches that default inspection." 
    That is all I needed.  I don't know why I couldn't find how to show this information.

  • Photoshop 7 cannot open .bmp files?

    Hi:
    When I try to open a .bmp file using the PS7 file open method with the file dialog window set for all formats, no .bmp files appear in the list of files.
    If in Windows Explorer a .bmp file is selected then the right click option of open with PS7 is used PS7 gives an error message.
    I've read other posts about saving .bmp files in 8 bit mode but can find nothing in the forum or manual about opening a .bmp file.
    How to do it?
    Have Fun,
    Brooke Clarke

    -------SOLUTION------
    Thanks to Ed pointing to the file BMP.8BI I've found the solution.
    That file was missing from the folder at:
    C:\Program Files\Adobe\Photoshop 7.0\Plug-Ins\Adobe Photoshop Only\File Formats
    so PS7 could not work with .bmp files. The reason it was missing was an earlier version had a security bug. Adobe came out with a new version; the top of the page looks like:
    Photoshop CS2, Photoshop CS3 and Photoshop Elements 5 updates to address security vulnerabilities
    Release date: July 10, 2007
    Vulnerability identifier: APSB07-13
    CVE number: CVE-2007-2244, CVE-2007-2365
    Platform: All Platforms
    Affected software versions: Photoshop CS2, Photoshop CS3, and Photoshop Elements 5.0
    http://www.adobe.com/support/security/bulletins/apsb07-13.html
    I downloaded the patch zip file for Photoshop Elements 5.0:
    http://download.macromedia.com/pub/security/bulletins/apsb07-13/win/ps_security_update.zip
    and after unzipping it moved BMP.8BI into the File Formats folder and it seems to work fine in PS7.
    Have Fun,
    Brooke Clarke

  • Conflicting Information

    I'm an Information Security Analyst and currently I'm trying to strengthen our ColdFusion hardening standards and I have an issue that I need to understand.
    I'm referencing two separate Adobe documents,
    First document:
    ColdFusion 9 Lockdown Guide
    Recommends:
    Page 16 of 35.  Do not enable RDS. Click next...
    Next document:
    Security Advisory for ColdFusion
    Release date: January 4, 2013
    Last updated: January 16, 2013
    Vulnerability identifier: APSA13-01
    Recommends:
    Setting the password for Remote Development Services (even if RDS is disabled)
    Enabling password protection for RDS
    Setting the Admin password and enabling password protection for Administrator
    So, Adobe recommends, 1st, not to Enable RDS at all, but then recommends as a "mitigation", Enabling RDS (post installation) to setup a username and password, but the ColdFusion 9 Lockdown Guide says "Do not enable RDS."
    Maybe as a "Remediation", Adobe should just remove RDS since a) they recommend keeping it disabled and b) it's such a vulnerability?  Also, I would suggest that the recommendations from the Security Advisory (s) be incorporated into an updated ColdFusion 9 Lockdown Guide.
    I'm sure this cannot be the first time they've heard this.
    Don

    It doesn't say to "Enable RDS", it says "Enable password protection for RDS"
    You can disable the RDS by commenting out the servlet mapping in web.xml, but you should still set passwords for RDS on the chance that it ever gets enabled on the server (someone restores the wrong XML files or something). It is best to enable separate RDS usernames and passwords for this.
    You should still keep RDS disabled in production, but this is an example of defense-in-depth. Even if RDS were to become enabled, it would at least be password protected. These documents do not contradict each other.
    Disabling RDS: http://helpx.adobe.com/coldfusion/kb/disabling-enabling-coldfusion-rds-production.html
    Jason
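
An added example, not part of the thread and not Adobe's code: a check that the RDS servlet mapping in web.xml is really commented out, as the reply above describes. The servlet name `RDSServlet` and URL pattern `/CFIDE/main/ide.cfm` are assumptions about a stock ColdFusion web.xml, and both sample documents are constructed.

```python
import xml.etree.ElementTree as ET

# Assumed identifiers (not given in the thread): the servlet name and URL
# pattern of the RDS mapping in a stock ColdFusion web.xml.
RDS_SERVLET = "RDSServlet"
RDS_URL = "/CFIDE/main/ide.cfm"


def _local(tag):
    """Strip an XML namespace so the check works with or without xmlns."""
    return tag.rsplit("}", 1)[-1] if isinstance(tag, str) else ""


def active_rds_mappings(web_xml_text):
    """Return (servlet-name, url-pattern) for every live RDS mapping.

    ElementTree discards comments while parsing, so a mapping that has been
    commented out is not reported, unlike a plain text search for the name.
    """
    root = ET.fromstring(web_xml_text)
    hits = []
    for el in root.iter():
        if _local(el.tag) != "servlet-mapping":
            continue
        fields = {_local(c.tag): (c.text or "").strip() for c in el}
        name, url = fields.get("servlet-name"), fields.get("url-pattern")
        if name == RDS_SERVLET or url == RDS_URL:
            hits.append((name, url))
    return hits


# Constructed samples, not taken from a real server.
ENABLED = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee">
  <servlet-mapping>
    <servlet-name>RDSServlet</servlet-name>
    <url-pattern>/CFIDE/main/ide.cfm</url-pattern>
  </servlet-mapping>
</web-app>"""

DISABLED = """<web-app xmlns="http://java.sun.com/xml/ns/j2ee">
  <!-- RDS disabled for production
  <servlet-mapping>
    <servlet-name>RDSServlet</servlet-name>
    <url-pattern>/CFIDE/main/ide.cfm</url-pattern>
  </servlet-mapping>
  -->
</web-app>"""

if __name__ == "__main__":
    for label, doc in (("enabled", ENABLED), ("disabled", DISABLED)):
        print(label, active_rds_mappings(doc))
```

Running this against each server's web.xml after a restore or redeploy catches the case the reply warns about, where the wrong XML file silently re-enables RDS.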

  • We use an add-on in one of our online solutions and we've identified a security vulnerability. The issue has been addressed in our latest add-ons and we would like to know how we may blocklist our previous player through a firefox update?

    We use an add-on in one of our online solutions and we've identified a security vulnerability. The issue has been addressed in our latest add-ons and we would like to know how we may blocklist our previous player through a firefox update?

    You can file a bug report to do that request.
    http://developer.mozilla.org/en/docs/Bug_writing_guidelines

  • Patch/Detour for Acrobat Standard/Professional 8/7 for Flash Vulnerability APSB09-10

    Are Acrobat Standard or Professional version 8 or 7 vulnerable to the embedded Flash vulnerability in security bulletin APSB09-10?  Adobe posted a patch for Acrobat 9, but not versions 8 or 7.  The detour that Adobe put on their Product Security Incident Response Team blog does not appear to apply to Acrobat version 8 or 7 (there is no authplay.dll file to delete, rename, or remove access to). If Acrobat 8 or 7 are vulnerable, there is no patch, and the suggested detour does not work, how do we make Acrobat 8 and 7 secure?  (The cost to upgrade to version 9 is not reasonable just to get a security fix.)

    How can we be sure of that? I have found nothing authoritative from Adobe. Their security bulletin is very explicit about the versions of Flash Player that are affected and pretty good about the versions of Adobe Reader, but there is no mention about vulnerable versions of Acrobat in the security bulletin or the PSIRT blog. Are we reading a lot between the lines based on no patch for Acrobat versions earlier than 9.x? I would not read the lack of a patch to mean that the older versions are not vulnerable. Is Adobe just expecting everyone to upgrade to the latest version of Acrobat? They can do that with Adobe Reader and Flash Player because they are free. But upgrading to the latest version of Adobe is not something that people will do just to fix a security vulnerability.
    I'd really like an official statement from Adobe, perhaps even an update to their security bulletin, clarifying exactly which versions of Adobe are vulnerable and which need no patch/detour.

  • JBIG2 vulnerability patches for AA7 and AA8 ?

    OK , I have Reader v9.1 and the MSP patch for Acrobat 9.0
    What about the JBIG2 vulnerability patches for AA7 and AA8 ?
    When will they be released ?
    Dave

    From: <[email protected]>
    | 18th of March:
    | http://www.adobe.com/support/security/bulletins/apsb09-03.html

    Righteous -- Gratzi!
    --
    Dave

  • HOW TO IDENTIFY WINDOWS VIRUSES?

    HI,
    My question is: is it possible to identify Windows viruses on a USB stick when I open it on a Mac? I know that is no problem for the Mac, but for my PC maybe.
    Thank you

    Mac antivirus programs primarily contain definitions for Windows viruses. The main reason for their existence is to remove viruses used when sharing programs between Mac and Windows machines. It's not so much that Macs are vulnerable, but that a lot of people create output on Macs that are eventually used by Windows users. It's generally not good publicity releasing a file that has a virus attached that could infect customers' equipment.
    You could probably get a shareware (I forgot which one comes most recommended) or commercial antivirus program for OSX. You'd want to run a scan of the USB drive and have it auto-remove.

  • The whtopic.js  file was identified as a security threat

    Hello,
    We generate WebHelp using RoboHelp HTML. The security team constantly runs security checks on the applications and the whtopic.js file that RoboHelp generates was identified as a security threat because of "DOM code injection". The comment was that the document.location.href is controllable and, at a minimum, ought to be run through some html encoding.
    Any one else ever run into security analysis of the RoboHelp generated files?
    Anything we can do about it?
    Thanks,
    Rakefet

    These security things sometimes come up in tools. As the code here doesn't have anything to do with cross frame scripting, I very much doubt this is an XSS vulnerability. I have asked the people who know about this to look it over.
    Greet,
    Willam

  • Cross-site scripting vulnerability

    Hi!
    Has anyone done this yet? Embedding a flash video object in Dreamweaver or Contribute using the Insert Flash Video command might create a cross-site scripting vulnerability. A potential cross-site scripting vulnerability has been identified within the FLVPlayer_Progressive.swf file. The fix on Adobe web site is not clear, the article I read about it says Dreamweaver 8 and CS3 are affected but the Adobe page only refers to CS3. I was wondering if the files for the download they provide will work in 8.02 as well? This is the link to the Adobe webpage.
    http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402925&sliceId=1
    Thanks.
    Dave

    I use CS3 and have done the update. The advice in the article on the page you're referring to is totally messed up.
    Do the renamed ... .old files need to be deleted from the \Program Files\Adobe\Adobe Dreamweaver CS3\configuration\Templates\Video_Player and the \Program Files\Adobe\Adobe Contribute CS3\Configuration\Templates\Video_Player folders or not? The article says nothing about this.
    The described update process for existing sites is absolutely unclear. Open the page in Dw, Preview In Browser, and Save? What change would that make? More importantly, is it enough to update the FLVPlayer_Progressive.swf and/or the FLVPlayer_Streaming.swf on existing sites or not?
    The updated files have a creation date of January 9, 2008 while the article suggests that these files should have a creation date of January 15, 2008.
    The link is broken in the "Additional Information" section.
    That page seriously needs some supervision imho.
