Palo Alto Networks™, the network security company, today announced that its Threat Research Team was credited by Adobe Systems Incorporated with identifying two vulnerabilities — CVE-2011-2414 and CVE-2011-2415— that affect multiple versions of Adobe Flash Player and Adobe AIR. Both are buffer overflow vulnerabilities that could lead to code execution. Adobe states that the vulnerabilities listed in this latest security bulletin could cause a crash and allow an attacker to take control of the affected system.
The Palo Alto Networks Threat Research Team has been credited with discovering several vulnerabilities this year and a cumulative total of 14 Adobe Flash vulnerabilities since 2007.
More about CVE-2011-2414 and CVE-2011-2415
Both CVE-2011-2414 and CVE-2011-2415 are buffer overflow vulnerabilities that could lead to code execution. These vulnerabilities pertain to several versions of Adobe Flash Player on Windows, Macintosh, Linux and Solaris and Android devices. Users of Adobe AIR applications on Windows, Macintosh and Android devices are also affected.
The Palo Alto Networks Threat Research Team
The Palo Alto Networks Threat Research Team is active in the research community, aggressively pursuing both new vulnerability research and alleviation of all types of threats. The team has leveraged its expertise to uncover a string of critical and important vulnerabilities and have then worked with Adobe to make sure users are protected.
Enterprises using legacy security technology increasingly lack visibility into and control of application traffic. Palo Alto Networks' next-generation firewalls are unique in the industry in their ability to see and control applications, users and content – not just ports, IP addresses and packets. Palo Alto Networks' next-generation firewalls enable enterprises to create granular, business-relevant security policies and safely control applications instead of the block-or-nothing approach offered by traditional port-blocking firewalls.
About Palo Alto Networks
Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 20Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. Most recently, Palo Alto Networks has enabled enterprises to extend protection over all types of traffic, applications, and threats to remote users with the release of GlobalProtect™. For more information, visit www.paloaltonetworks.com.
Palo Alto Networks, "The Network Security Company," the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
