Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 18.104.22.16810; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
TREND MICRO PROTECTION INFORMATION
Apply associated Trend Micro DPI Rules.
Trend Micro Deep Security DPI Rule Number: 1004202
Administrators of NGINX web servers running PHP-FPM are advised to patch a vulnerability (CVE-2019-11043) that can let threat actors execute remote code on vulnerable, NGINX-enabled web servers. Here’s what you need to know.