Home | Search | Login | RSS
We have 1073 members and counting!
Next Page

1

Previous Page

Thread: FMS 3 and 4 Critical Update - Go get it!

Created on: 11/09/10 07:33 PM

Replies: 0

Graeme





Joined: 10/18/07

Posts: 1591

FMS 3 and 4 Critical Update - Go get it!
11/09/10 7:33 PM

This is a notice to all using FMS 3 or 4 to go and update your software. Here is a link to the details But I'll copy and paste them in here too for speed. Remember to backup your current install before installing the update. It WILL overwrite your current installation.

Summary

Critical vulnerabilities have been identified in Adobe Flash Media Server (FMS) 4.0 and earlier versions, Adobe Flash Media Server (FMS) 3.5.3 and earlier versions, and Adobe Flash Media Server (FMS) 3.0.6 and earlier versions for Windows and Linux. One of the vulnerabilities could allow an attacker, who successfully exploits the vulnerability, to run malicious code on the affected system. Adobe has provided an update to address the reported vulnerabilities and recommends that users update their installations to Flash Media Server 4.0.1, 3.5.5 or 3.0.7 respectively using the instructions provided below.
Affected software versions

* Flash Media Server 4.0 and earlier versions for Windows and Linux
* Flash Media Server 3.5.4 and earlier versions for Windows and Linux
* Flash Media Server 3.0.6 and earlier versions for Windows and Linux

Solution

Adobe recommends Flash Media Server (FMS) users install Flash Media Server version 4.0.1, Flash Media Server version 3.5.5 or Flash Media Server version 3.0.7 available here: http://www.adobe.com/support/flashmediaserver/downloads_updaters.html.
Severity rating

Adobe categorizes this as a critical update and recommends that users apply the latest update for their product installations..
Details

Critical vulnerabilities have been identified in Adobe Flash Media Server (FMS) 4.0 and earlier versions, Adobe Flash Media Server (FMS) 3.5.4 and earlier versions, and Adobe Flash Media Server (FMS) 3.0.5 and earlier versions for Windows and Linux. One of the vulnerabilities could allow an attacker, who successfully exploits the vulnerability, to run malicious code on the affected system. Adobe has provided an update to address the reported vulnerabilities. It is recommended that users update their installations using the instructions provided above.

This update resolves a memory leak issue that could lead to a denial of service vulnerability (CVE-2010-3633).

This update resolves a Flash Media Server edge process issue which can lead to a denial of service vulnerability (CVE-2010-3634).

This update resolves a segmentation fault vulnerability that could lead to code execution (CVE-2010-3635).
* Last updated by: Graeme on 11/9/2010 @ 7:38 PM *

Link | Top | Bottom

Next Page

1

Previous Page

New Post

Please login to post a response.