Critical vulnerabilities have been identified in Adobe Flash Media Server (FMS) 3.5.2 and earlier versions. The vulnerabilities could allow an attacker, who successfully exploits the vulnerabilities, to run malicious code on the affected system.
This update resolves a resource exhaustion vulnerability that could could lead to a Denial of Service (DoS) (CVE-2009-3791).
This update resolves a directory traversal vulnerability that could lead to FMS loading arbitrary DLLs present on the server. (CVE-2009-3792).
Adobe recommends Flash Media Server (FMS) users install FMS version 3.5.3 available here.