Denial of service and system information leakage flaws are uncovered in three enterprise-facing server products.Macromedia Inc. on Wednesday released a batch of security patches to cover a trio of flaws affecting some of its enterprise-facing server products.
The San Francisco, Calif.-based software and platform provider said the vulnerabilities could put users at risk of denial-of-service and information disclosure attacks.
Two of the flaws are rated "moderately critical" by security alerts aggregator Secunia Inc.
Affected products include the Macromedia Flash Media Server, the Macromedia Breeze Communication Server/Live Server and the Macromedia Contribute Publishing Server.
The Macromedia Flash Media Server bug affects versions 1.0 through 1.5. The company explained that the server does not sufficiently validate some RTMP data, a bug that can cause server instability or crashes.
Patches have been included in the Macromedia advisory.
A second alert was released to warn about a denial-of-service hole in the Macromedia Breeze Communication Server/Live Server, which is part of the company's Web conferencing and communications software suite.
For advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internet's Security IT Hub.
That flaw, also rated "moderately critical," affects Macromedia Breeze 4.x through 5.x.
Macromedia said the vulnerability is caused due to an error in validating RTMP data. This may be exploited to cause the server to become unstable or crash via specially crafted RTMP data sent from a Flash Player.
Click here to read more about a security hole in Macromedia's Flash Player.
The third vulnerability, in the Macromedia Contribute Publishing Server, can allow malicious hackers to hijack sensitive information.
Read the full story on eWEEK.com: Macromedia Patch Trifecta Plugs Security Holes
Web Design 
