Archive for September, 2009

Potential Photoshop Elements 8.0 issue

Adobe is aware of a report of improper service permissions potentially leading to a local privilege escalation issue in Photoshop Elements 8.0 (CVE-2009-3489). We are currently investigating this issue and will have an update once we have more information. For clarity, please note that “local privilege escalation” means that valid login credentials and/or physical access to a computer is required for service permissions to be altered. It would not be possible to exploit this issue from a remote source over the internet, for instance.
This posting is provided “AS IS” with no warranties and confers no rights.

Security Bulletin Posted for RoboHelp Server 8

A Security Bulletin has been posted in regards to the RoboHelp Server 8 issue last mentioned in the Adobe PSIRT blog on September 9 (“Update on RoboHelp Server 8 Issue“, CVE-2009-3068). Adobe categorizes this as a critical issue and recommends affected users patch their installations.
This posting is provided “AS IS” with no warranties and confers no rights.

Update on RoboHelp Server 8 Issue

A Security Advisory has been posted in regards to the RoboHelp Server 8 issue last mentioned in the Adobe PSIRT blog on September 3 (“Potential RoboHelp Server 8 Issue“, CVE-2009-3068). A critical vulnerability exists in the current version of RoboHelp Server 8. This vulnerability could result in an unauthenticated user uploading and executing arbitrary code.
We are in the process of developing a fix for the issue, and expect to provide an update by September 18, 2009.
We will continue to provide updates on this issue via the Security Advisory section of the Adobe web site, as well as the Adobe PSIRT blog.
This posting is provided “AS IS” with no warranties and confers no rights.

Potential RoboHelp Server 8 Issue

Adobe is aware of reports of a remote pre-authentication exploit in RoboHelp Server 8. We are currently investigating this potential issue and will have an update once we get more information.
This posting is provided “AS IS” with no warranties and confers no rights.

Flash Player update and Snow Leopard

The initial release of Mac OS X 10.6 (Snow Leopard) includes an earlier version of Adobe Flash Player than what is available from Adobe.com. We recommend all users update to the latest, most secure version of Flash Player (10.0.32.18) — which supports Snow Leopard and is available for download from http://www.adobe.com/go/getflashplayer.
This posting is provided “AS IS” with no warranties and confers no rights.