Number: IRCNE2014102341
Date: 2014/10/18
According to “techworld”, Adobe has released updates for Flash Player and the ColdFusion web platform. The update fix three critical vulnerabilities in Flash Player on all platforms, as well as the AIR Runtime and SDK. The new versions of ColdFusion fix three lower-priority vulnerabilities.
The table below lists the affected and fixed versions of Flash Player and AIR:
To check the version of Flash Player you are running, access the About Flash Player page, or right-click on content running in Flash Player and select "About Adobe (or Macromedia) Flash Player" from the menu.
Microsoft will release a new version of Internet Explorer, which has Flash Player integrated since version 10, fixing this and other vulnerabilities later today. Google has already begun to release new versions of Chrome with the fixed Flash Player.
New hotfixes for ColdFusion address a security permissions issue that could be exploited by an unauthenticated local user to bypass IP address access control restrictions applied to the ColdFusion Administrator. The hotfix also fixes cross-site scripting and cross-site request forgery vulnerabilities.
- 2