Macromedia Flash has critical vulnerability
来源:互联网 发布:linux curl post xml 编辑:程序博客网 时间:2024/04/28 17:32
The vulnerability, in Flash Player version 7.0.19.0 and earlier, could allow a hacker to compromise a user's PC.
Macromedia confirmed the existence of the flaw, which it classified as critical, on Friday afternoon. It recommends the users upgrade to version 8.0.22.0.
"There was a problem with bounds validation for indexes of certain arrays in Flash Player 7 and earlier, thus leaving open the possibility that a third party could inject unauthorised code that would have been executed by Flash Player," Macromedia warned.
To see more details on the vulnerability, and download the updated version, click here. Security firm Secunia also classifies the vulnerability as highly critical.
"The Flash Player plug-in is used by more people than [just those using] Internet Explorer," said Thomas Kristensen, Secunia's chief technical officer. According to Secunia, only those who use the IE and Opera Web browsers are vulnerable to the Macromedia flaw, since other browsers, such as Firefox, do not include Flash player in their default set-up.
Kristensen added that he was surprised that Macromedia had issued the patch on Friday afternoon, as many potential victims might have been returning home and not learned about the problem until Monday, or later.
"The bad guys have had a whole weekend to write exploits," Kristensen said.
eEye Digital Security, a research firm, says it told Macromedia about the existence of the flaw on 27 June.
- Macromedia Flash has critical vulnerability
- Macromedia Flash Bible
- Macromedia谈Flash的未来
- Macromedia Flash &Database 集成概述
- Macromedia Flash Player localization information
- Macromedia Flash Communication Server MX
- Macromedia Flash Flash Media Server配置教程
- macromedia官方的 Flash Lite 的 faq
- Macromedia Flash MX 认证考试样卷
- Macromedia Flash 8 Video Encoder安装
- Macromedia Flash MX 2004 Game Programming
- Macromedia Flash文件格式(SWF)详细说明书
- CORE SECURITY TECHNOLOGIES DISCOVERS CRITICAL VULNERABILITY IN VMWARE´S DESKTOP VIRTUALIZATION
- 创建用于移动设备的 Macromedia Flash 个人信息
- 通过Certified Macromedia FLASH MX 2004 Developer Exam
- Certified Macromedia Flash MX 2004 Developers中国大家庭
- Adobe+Macromedia:PDF和Flash互补有多精彩?
- JavaScript 和 Macromedia Flash 之间的通信示例
- "盗版"者的痛苦
- 用定制标签库和配置文件实现对JSP页面元素的访问控制
- 迷失的Borland
- Looking Beyond the Case Interview zz from sjtu
- c语言输出自己源代码和反源代码
- Macromedia Flash has critical vulnerability
- 日期正则表达式[YYYY-MM-DD]
- c代码I love you
- SQL 语法参考手册(SQL)
- WEB2.0 在新版FAQ系统的中体现
- 想用情书感动前女友的傻小子
- 网络上 愤青 的定义
- 天气变化,流感盛行
- ASP对Cookie操作的详细讲解