Critical vulnerabilities announced for all Adobe Flash platforms, including Linux and Solaris
|
|
Adobe patch critical security flaws in Flash Player for all platforms, and for once Linux (and Solaris) users do not get away scot free.
|
|
The cross-platform problem refers to an input validation error that could, potentially, lead to arbitrary code execution via content delivered from a remote location using web browser, email client, or pretty much any application that includes or references the Flash Player. Furthermore, a separate issue regarding an insufficient validation of the HTTP Referrer has also been identified in Flash Player 8.0.34.0 and earlier which could result in a cross-site request forgery attack.
Although the newly released update fixes software on all platforms, Linux and Solaris unsurprisingly get away with just Flash Player 7 (7.0.70.0) being at fault and with no impact at all for the version 9 software. The Linux and Solaris updates for Flash Player 7 addresses an issue with usage of Opera and Konqueror browsers alone. Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
