1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

20,000 Web pages help exploit 'patched' Flash flaw

Discussion in 'News' started by Echo419, May 28, 2008.

  1. Echo419

    Echo419 FS Owner

    A possible zero day exploit has been discovered for a flaw in Flash thought to have been patched by Adobe a month ago.

    Symantec researchers claim the exploit has several different payloads, including one to steal passwords from systems with the vulnerable software. Affected versions of Adobe Flash Player include 9.0.124.0 (latest version) and 9.0.115.0.

    Around 20,000 legitimate Web pages have been manipulated, likely via SQL-injection vulnerabilities, to redirect browsers to domains in China which host the exploit, according to Vincent Weafer, senior director of development for Symantec's Security Response team.

    [​IMG]</img> View Full Article: ZDNet Australia
     

Share This Page