--Flash Flaw Could be Exploited to Upload Malicious Code to Websites (November 12, 13 & 16, 2009) A vulnerability in Adobe Flash can be exploited to upload malicious code to websites. The flaw could also affect other active content, such as JavaScript. Adobe says the flaw is "unpatchable" and that the problem lies in widely used web design practices that are not secure. Adobe director for product security and privacy Brad Arkin noted that "Sites should not allow user uploads to a trusted domain."
http://www.theregister.co.uk/2009/11/13/adobe_flash_wallop/
http://www.scmagazineus.com/researcher-finds-frighteningly-bad-adobe-flash-flaw/article/157734/
http://www.v3.co.uk/v3/news/2253145/researchers-warn-flash-issue
http://www.computerworld.com/s/article/9140768/Flash_flaw_puts_most_sites_users_at_risk_say_researchers
ISC: http://isc.sans.org/diary.html?storyid=7585
No comments:
Post a Comment