Skip to main content

Adobe Flash Media Server Directory Traversal and DoS Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 22 Dec 2009 5455 Views

RISK: Medium Risk

Two vulnerabilities have been identified in Adobe Flash Media Server, which could be exploited by remote attackers to cause a denial of service or compromise a vulnerable system.

1. An unspecified directory traversal error which could lead to FMS loading arbitrary DLLs present on the server.

2. An unspecified resource exhaustion error which could be exploited by attackers to create a denial of service condition.


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Adobe Flash Media Server version 3.5.2 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Upgrade to Adobe Flash Media Server version 3.5.3 :
http://www.adobe.com/support/flashmediaserver/downloads_updaters.html


Vulnerability Identifier


Source


Related Link