Release DateDec 03, 2009 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can run malicious code on the affected system. |
DescriptionThis indicates an attack attempt against a code-execution vulnerability in Adobe Flash Media Server (FMS).The vulnerability is caused by an error when the vulnerable software handles a specially crafted RTMP command message which could lead to execution of arbitrary code on the server. |
Affected ProductsFlash Media Server 3.5.2 and earlier versions |
Recommended ActionsUpgrade to the version 3.5.3, available from the vendor's web site:http://www.adobe.com/support/flashmediaserver/downloads_updaters.html. |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2009-3791 |
Reference/shttp://www.adobe.com/support/security/bulletins/apsb09-18.html |
