Posts Tagged ‘SWF files’

Wednesday, February 27, 2013 @ 03:02 PM gHale

Another vulnerability, another update. That has been the pattern Adobe has been following of late, as it released its third security update for its Flash Player product this month.

The emergency update patches three vulnerabilities, including two critical ones (CVE-2013-0643 and CVE-2013-0648) that are being used against Flash Player in Mozilla’s Firefox browser and could let an attacker crash and compromise affected systems.

According to a post on Adobe’s Product Security Incident Response Team (PSIRT) blog, both vulnerabilities are being exploited in targeted attacks. Adobe says some attackers are tricking users into clicking a link that leads them to a website serving up malicious SWF files.

The fix affects Flash Player and earlier for Windows, Flash Player 11.6.602.167 and earlier for Macintosh and Flash Player and earlier for Linux.

The fix also resolves a permissions issue with Firefox’s Flash Player sandbox and a buffer overflow vulnerability in the Flash Player’s broker service.

Adobe last updated Flash Player two weeks ago, fixing 17 vulnerabilities in a regularly scheduled update. That patch came only a few days after the company issued an out-of-band patch for two Zero Day vulnerabilities undergoing exploitation.

One of those Zero Days (CVE-2013-0633) was exploited via Microsoft Office documents, while the other (CVE-2013-0634), like the vulnerability just patched, targeted Firefox browsers and Mac OS X systems via malicious .SWF files.

Monday, March 19, 2012 @ 04:03 PM gHale

There was a critical-severity flaw in Bing: a remotely exploitable vulnerability in a Flash component that could have allowed an attacker to inject malicious persistent comments while a user was editing or posting via Flash.

Security researchers Subho Halder, Aditya Gupta and Dev Kar discovered the flaw and reported it to Microsoft on February 7; the company responded two days later and had patched it by March 14.

The vulnerable module was the Comments&Edit Flash input/output component, reached when SWF files created with ActionScript were loaded.

The vulnerability was fairly easy for an attacker to exploit remotely, with little user interaction required.

Bing’s popularity is on the rise as people use it to perform searches and other tasks.

Vulnerability researchers have been finding weaknesses and helping website administrators and vendors patch products.

Tuesday, December 6, 2011 @ 04:12 PM gHale

Adobe patched a security flaw in its Flex SDK product that could lead to cross-site scripting attacks against some applications built using the SDK. The vulnerability affects versions 3.6 and below and 4.5.1 and below.

The Flex SDK is a free, open source application framework that Adobe produces to enable developers to write apps across a variety of devices and platforms. Flex can work with other tools to build apps for iOS, Android, BlackBerry and the Web. The newly patched vulnerability affects the Flex SDK for Windows, Macintosh and Linux.

“An important vulnerability has been identified in the Adobe Flex SDK 4.5.1 and earlier 4.x versions and 3.x versions on the Windows, Macintosh and Linux operating systems. This vulnerability could lead to cross-site scripting issues in Flex applications.

Adobe recommends users of the Adobe Flex SDK 4.5.1 and earlier 4.x versions, and the Adobe Flex SDK 3.6 and earlier 3.x versions update their software, verify whether any SWF files in their applications are vulnerable, and update any vulnerable SWF files using the instructions and tools provided,” the Adobe advisory said.

Adobe is recommending that Flex users update their vulnerable versions of the framework as soon as possible and then go through the process of determining whether any apps built with those Flex releases are vulnerable. The company has produced a technical note explaining how to check whether apps built with Flex include vulnerable SWF files.

Once a user has determined that an app is vulnerable, there are two options: repair the app, or patch Flex and then rebuild the app.

Adobe’s tech note explains how to perform both actions, if necessary.