Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: CVE-2010-3654 exploit in the wild - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
CVE-2010-3654 exploit in the wild

Remember the vulnerability we discussed in https://isc.sans.edu/diary.html?storyid=9835 It appears to be there is an exploit for CVE-2010-3654 in the wild. While Adobe publishes the security patches, consider mitigation measures published in APSA10-05 advisory.

More information at http://blog.fortinet.com/fuzz-my-life-flash-player-zero-day-vulnerability-cve-2010-3654/

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

Manuel Humberto Santander Pelaacuteez

183 Posts
ISC Handler
Metasploit module for this:

http://www.metasploit.com/redmine/projects/framework/repository/revisions/10857
Manuel Humberto Santander Pelaacuteez
1 Posts Posts
Well, this is the third deciding to stay with Version 8 has cut down on my workload. As long as they don't start hammering us through Flash...
Manuel Humberto Santander Pelaacuteez
57 Posts Posts

Sign Up for Free or Log In to start participating in the conversation!