Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: InfoSec Handlers Diary Blog - Unspecified Vulnerabilities in Flash InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Unspecified Vulnerabilities in Flash

Published: 2006-03-15
Last Updated: 2006-03-15 15:04:30 UTC
by Erik Fichtner (Version: 1)
0 comment(s)
A number of readers have written in to warn us about a recent notification from Adobe/Macromedia regarding an unspecified number of vulnerabilities of some nature within pretty much every Flash execution engine you've heard of on all the platforms that support Flash; eg Windows and Macintosh running:

Macromedia Breeze 4.x
Macromedia Breeze 5.x
Macromedia Breeze Meeting Add-In
Macromedia Flash 8.x
Macromedia Flash MX 2004
Macromedia Flash MX Professional 2004
Macromedia Flash Player 7.x
Macromedia Flash Player 8.x
Macromedia Flex 1.x
Shockwave Player 10.x

There are several other sources of "information" about this issue:
Secunia's WriteupMicrosoft's Writeup, and Macromedia's Writeup. 

So, we know that it appears as if the arbitrary code you're running inside a flash file has the potential to escape the flash engine and obtain access to the host system.  We know that updated versions of flash are available.
Microsoft's writeup also contains instructions on disabling the flash ActiveX control from executing.   Firefox users could probably get away with using AdBlock to prevent "*.swf" files, although it's not necessary that
the malware end in ".swf".

We don't know much else. We don't know how it works. We don't know who's seen it, if anyone has.

0 comment(s)
Diary Archives