CVE-2009-1862

Name of the Vulnerable Software and Affected Versions: Adobe Reader and Acrobat versions 9.x through 9.1.2 Adobe Flash Player versions 9.x through 9.0.159.0 Adobe Flash Player versions 10.x through 10.0.22.87

Description: The issue allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Flash application in a .pdf file or a crafted .swf file, related to authplay.dll. This issue has been exploited in the wild in July 2009.

Recommendations: For Adobe Reader and Acrobat versions 9.x through 9.1.2, update to a version later than 9.1.2 to resolve the issue. For Adobe Flash Player versions 9.x through 9.0.159.0, update to a version later than 9.0.159.0 to resolve the issue. For Adobe Flash Player versions 10.x through 10.0.22.87, update to a version later than 10.0.22.87 to resolve the issue. As a temporary workaround, consider disabling the use of authplay.dll until a patch is available.