Critical vulnerabilities announced for all Adobe Flash platforms, including Linux and Solaris

Posted by jenwren1010 on Jul 13, 2007 8:07 AM EDT
DaniWeb; By Davey Winder
Mail this story
Print this story

Adobe patch critical security flaws in Flash Player for all platforms, and for once Linux (and Solaris) users do not get away scot free.

The cross-platform problem refers to an input validation error that could, potentially, lead to arbitrary code execution via content delivered from a remote location using web browser, email client, or pretty much any application that includes or references the Flash Player. Furthermore, a separate issue regarding an insufficient validation of the HTTP Referrer has also been identified in Flash Player 8.0.34.0 and earlier which could result in a cross-site request forgery attack.

Although the newly released update fixes software on all platforms, Linux and Solaris unsurprisingly get away with just Flash Player 7 (7.0.70.0) being at fault and with no impact at all for the version 9 software. The Linux and Solaris updates for Flash Player 7 addresses an issue with usage of Opera and Konqueror browsers alone.

Full Story

  Nav
» Read more about: Story Type: News Story, Security; Groups: Community, Linux, LXer, Sun

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.