437092
submission
+- Serious Flash vulnerabilities affect many websites-> on Saturday December 22 2007, @03:56PM
Submitted
by
on Saturday December 22 2007, @03:56PM
background: url(//a.fsdn.com/sd/topics/topicsecurity.gif); width:59px; height:78px;
security
An anonymous reader writes "Researchers from Google have documented serious vulnerabilities in Adobe Flash content which leave thousands of websites susceptible to attacks that steal the personal details of visitors. A web search reveals more than 500,000 vulnerable applets on major corporate, government and media sites. Removing the vulnerable content will require combing through website directories for SWF files and then testing them one by one. Updates in the Adobe software that renders SWF files in browsers are also likely, but they probably wouldn't quell the threat completely. Attack scenarios work something like this: A bank website hosts marketing graphics in the form of a vulnerable Flash applet. Attackers who trick a customer into clicking on a malicious link are able to execute the SWF file but inject malicious code variables that cause the customer's authentication cookies or login credentials to be sent to the attacker. No patch in sight from Adobe, that's the price to pay for depending on proprietary solutions."
Link to Original Source
Link to Original Source
lp1 on fire
(One of the more obfuscated kernel messages)
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.
Serious Flash vulnerabilities affect many websites 0 Comments More Login /
Get More Comments