Adobe Flash update available

Published: 2006-11-14
Last Updated: 2006-11-14 23:58:33 UTC
by Swa Frantzen (Version: 2)
0 comment(s)
Adobe has relased an update for a vulnerability in their Flash player.

CVE number is CVE-2006-5330, which isn't included in this month's MS06-069 adobe update from Microsoft.

http://www.adobe.com/support/security/bulletins/apsb06-18.html

Yet another thing to patch in the next few days.

Affected versions include 9.x, 8.x and 7.x .

If -after reading the adobe announcement are left wondering what modified HTTP headers of client requests can do to cause HTTP Request Splitting attacks, or what those are to start with, take a look at e.g.:
http://en.wikipedia.org/wiki/HTTP_Response_splitting

--
Swa Frantzen -- Section 66
Keywords: adobe flash
0 comment(s)

Comments


Diary Archives