Adobe Warns of Code Injection Hole in Flash Media Server

Remotely exploitable vulnerabilities puts business users at risk of system takeover attacks.

Adobe's security struggles have hit a new gear with three new bulletins warning about "critical" code injection and system takeover vulnerabilities in enterprise-facing products.
On the heels of the recent disclosure hiccup surrounding Adobe Reader, the vendor Feb. 12 released patches for two critical issues affecting the Flash Media Server and the Adobe Connect Enterprise Server.
A third bulletin, rated "important," provides cover for a cross-site scripting vulnerability affecting RoboHelp 7 and RoboHelp 7 installations.
The most serious of the three issues-in Flash Media Server 2-fixes a total of three flaws that could put business users at risk of remote code injection attacks.
According to iDefense, the company that reported the bugs to Adobe, the Flash Media Server is vulnerable to remote exploitation of multiple integer overflow vulnerabilities.
"[This] could allow an unauthenticated attacker to execute arbitrary code with SYSTEM privileges," iDefense said. To exploit these vulnerabilities, an attacker only needs the ability to connect to the target server on TCP port 1935 or 19350.
The bugs affect Flash Media Server 2 version 2.0.4 on Windows. Previous versions, as well as the Linux version, may also be affected, iDefense said.
The second critical issue in this Adobe patch batch-three different vulnerabilities in the Adobe Connect Enterprise Server-also puts users at risk of remotely exploitable system takeover attacks.
Attackers would need to be able to connect to TCP port 1935 to exploit this issue, Adobe said.
Earlier this week, Adobe also belatedly shipped a security bulletin to acknowledge several serious issues in the ubiquitous Adobe Reader and Adobe Acrobat products.
Anti-malware vendors have confirmed that the Reader/Acrobat vulnerability is being exploited in the wild with rigged PDF files.