20,000 Web pages help exploit 'patched' Flash flaw

Discussion in 'News' started by FSOwner, May 28, 2008.

  1. FSOwner

    FSOwner FS Owner

    A possible zero day exploit has been discovered for a flaw in Flash thought to have been patched by Adobe a month ago.

    Symantec researchers claim the exploit has several different payloads, including one to steal passwords from systems with the vulnerable software. Affected versions of Adobe Flash Player include 9.0.124.0 (latest version) and 9.0.115.0.

    Around 20,000 legitimate Web pages have been manipulated, likely via SQL-injection vulnerabilities, to redirect browsers to domains in China which host the exploit, according to Vincent Weafer, senior director of development for Symantec's Security Response team.

    [​IMG]</img> View Full Article: ZDNet Australia
     

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice