BetaArchive Logo
Navigation Home Screenshots Image Uploader Server Info FTP Servers Wiki Forum RSS Feed Rules Please Donate
UP: 24d, 2h, 59m | CPU: 41% | MEM: 5613MB of 11015MB used
{The community for beta collectors}

Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 
Author Message
 PostPost subject: Adobe Flash exploit could log keystrokes        Posted: Tue Jul 17, 2007 1:59 am 
Adobe has issued three critical security updates, one of which is
designed to stop a problem in the way the Flash player interacts with
browsers, which could result in users' keystrokes being transmitted to
attackers.

Adobe Flash Player 9.0.45.0, 8.0.34.0 and 7.0.69.0, as well as their
earlier versions running on all platforms, are affected.

Users loading a malicious vector graphics file format (SWF) in their Flash
Player may find attackers exploiting security flaws due to an input
validation error in 9.0.45.0 and earlier versions, [url=http://secunia.com/advisories/26027]according to a security
advisory from Secunia.[/url]
Attackers, as a result, can gain remote access to a user's system.

In versions 7.0.69.0 and earlier running on Linux and Solaris, malicious
attackers could exploit an error in the interaction between the Flash
Player and certain browsers. That could potentially lead to a leaking of
keystrokes to a Flash Player applet, Secunia noted. Flash Player 9 is not
affected.

Versions 8.0.34.0 and earlier contain a bug due to insufficient validation
of the HTTP referrer.
As a result, an attacker could execute a cross-site forgery attack. Flash
Player 9, however, is not affected.

Adobe recommends that 9.0.45.0 users [url=http://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash]upgrade to 9.0.47.0 for Windows,
Mac and Solaris, or 9.0.48.0 for Linux.[/url]

Adobe Flash Player 9 is the recommended solution for the other two
versions that contain security flaws.

Source.


Top
 PostPost subject:        Posted: Tue Jul 17, 2007 2:54 am 
Donator
Offline

Joined
Tue Oct 17, 2006 8:26 pm

Posts
932
This is rather serious seeing as I caught some exploited doubleclick ads


Top  Profile
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 




Who is online

Users browsing this forum: No registered users and 11 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  

All views expressed in these forums are those of the author and do not necessarily represent the views of the BetaArchive site owner.

Powered by phpBB® Forum Software © phpBB Group

Copyright © 2006-2018

 

Sitemap | XML | RSS