- Recommend:
- 0 Comments
Security Flaw Found in Flash Player
Hole could allow attacker to run code on vulnerable systems, security advisory warns.
A security hole in the way Macromedia's Flash player handles ActiveX content could allow an attacker to run the code of their choice on vulnerable systems, according to a security advisory published by eEye Digital Security late Thursday.
Macromedia is offering a new download of the player which fixes the flaw.
The vulnerability affects the Flash.ocx ActiveX component of the Flash player version 6 revision 23, and may affect earlier versions as well, Aliso Viejo, California, eEye says in its alert. The Flash.ocx component is installed with Internet Explorer, as well as with the Flash player, eEye says.
Hidden Code
A buffer overflow in Flash.ocx could allow an attacker to run code of their choice on a vulnerable system when a user reads an HTML-formatted e-mail containing attack code, visits a Web site with attack code in it or uses Internet Explorer to display any other third party HTML, eEye says.
EEye says that Macromedia, based in San Francisco, was already aware of the issue when it contacted the company and that the latest version of the Flash player fixed the flaw. Users should upgrade to the latest version of the Flash player, version 6 revision 29, eEye says.
The updated Flash player can be downloaded from Macromedia's Web site.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
-
Speed Up Everything!
PCWorld shows you the secrets to improve performance on all your hardware.
-
Lenovo IdeaPad
See why the IdeaPad tablet is optimized for ultimate entertainment.
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
-
Adobe Fixes Zero-Day Flaw in Flash Player
-
Adobe Gives Users Control of Privacy with Flash Player 10.3
-
Flash Player 11.1 Arrives for Android Ice Cream Sandwich
-
Urgent: Patch Adobe Flash to Protect against Zero-Day Exploit
-
Adobe Flash Player 11 Will Have an Eye on Gaming
-
Google Chrome Update Fixes High-Severity Vulnerabilities, Patches Flash Player
- Bugs and Fixes: Defend Your PC Against Video Attacks
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
-
New Windows 8 Logo is Latest in Beta Buildup
-
Achievement Unlocked 2: A Game You Can't Lose--With Elephants
-
Early Copies of Mass Effect 3 Will Go Into Space
-
Liberties Groups Rap Google's Skirting of Safari's Privacy Protections
-
Google's Safari Tracking Debacle: Reality Check
-
Apple, Microsoft to Duel in '12 With OS Upgrades
-
Meet Mountain Lion: Visual Tour
-
Thunderbird Tip: Change IMAP Folder Subscriptions
-
Tax Prep? There's an App for That, Too
-
Tax Sites: TurboTax Is Still the One to Beat
-
The Best Android Tablet Apps for Multimedia
-
Oracle and SAP Given June Court Date for TomorrowNow Retrial
Ad Choices