Threat Level: green Handler on Duty: Russ McRee

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Potential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8?

Published: 2008-03-20
Last Updated: 2008-03-20 22:31:35 UTC
by Joel Esler (Version: 1)
0 comment(s)

Roseman sent this in for us --  Thanks.

Adobe today published a note about a potential vulnerability in Flash CS3 Professional, Flash Professional 8, and Flash Basic 8.   Adobe says they will fix this in their next update to Flash Professional. 

They were very careful to mention, however, that this does NOT affect Flash PLAYER.  So, in order to head off the barrage of emails we may receive about "does this affect the program I installed so I could watch YouTube??!".  No, this vulnerability is not for you.  Basically, for prevention, don't open any FLA programs that you are not expecting to receive.  Same advice we'd give about any file or document.

 

Joel Esler

http://www.joelesler.net

 

0 comment(s)
Diary Archives