Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: CVE-2010-3654 exploit in the wild - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
CVE-2010-3654 exploit in the wild

Remember the vulnerability we discussed in https://isc.sans.edu/diary.html?storyid=9835 It appears to be there is an exploit for CVE-2010-3654 in the wild. While Adobe publishes the security patches, consider mitigation measures published in APSA10-05 advisory.

More information at http://blog.fortinet.com/fuzz-my-life-flash-player-zero-day-vulnerability-cve-2010-3654/

-- Manuel Humberto Santander Peláez | http://twitter.com/manuelsantander | http://manuel.santander.name | msantand at isc dot sans dot org

Manuel Humberto Santander Pelaacuteez

185 Posts
ISC Handler
Metasploit module for this:

http://www.metasploit.com/redmine/projects/framework/repository/revisions/10857
Anonymous
Well, this is the third deciding to stay with Version 8 has cut down on my workload. As long as they don't start hammering us through Flash...
Anonymous

Sign Up for Free or Log In to start participating in the conversation!