-   Linux - Security (
-   -   Adobe Flash Player Multiple Unspecified Vulnerabilities (Highly Critical) (

win32sux 09-12-2006 10:17 PM

Adobe Flash Player Multiple Unspecified Vulnerabilities (Highly Critical)

Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions or compromise a user's system.

1) Various unspecified input validation errors may allow arbitrary code execution when e.g. visiting a malicious website.

2) An unspecified error can be exploited to bypass the "allowScriptAccess" option.

3) [...]

Update to [...] fixed version (see the vendor advisory for details).
Secunia Advisory

NOTE: You can get the latest GNU/Linux version (7.x) here.

win32sux 09-13-2006 08:18 AM

Proof-Of-Concept Has Been Produced

Computer Terrorism (UK) can confirm the un-disclosed production of a reliable multi-platform & multi-browser Web based Proof-Of-Concept (PoC). Such an exploit could be used in a web-based attack scenario, where unsuspecting users are lured to a maliciously constructed website.
More info at: Computer Terrorism (UK).

unSpawn 09-13-2006 09:48 AM

Good to know. I was wondering about PoC existence when you posted this yesterday.

All times are GMT -5. The time now is 03:32 PM.