http://www.securityfocus.com/bid/29386/discuss tells the following: NOTE: Further research indicates that this vulnerability is the same issue described in BID 28695 (Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability), so this BID is being retired.
And http://www.securityfocus.com/bid/28695 tells: Not Vulnerable: Adobe Flash Player Plugin 9.0.124.0 http://isc.sans.org/diary.html?date=2008-05-28 tells: On closer examination, this does not appear to be a "0-day exploit". Symantec has updated their threatcon info, as well. We have yet to see one of these that succeeds against the current version (9.0.124.0), if you find one that does, please let us know via the contact page. BTW: update-flashplugin-nonfree is your friend (read the manpage if interested) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
