Adobe Flash FLA File Parsing Vulnerabilities

Adobe Flash is back in the news with a new vulnerability that affects how files are parsed.

From Secunia:

Description:

cocoruder has reported some vulnerabilities in Adobe Flash, which can be exploited by malicious people to compromise a user’s system.

The vulnerabilities are caused due to unspecified errors when parsing specially crafted FLA files.

Successful exploitation may allow execution of arbitrary code when opening a malicious FLA file.

Solution:
According to the vendor, the vulnerabilities will be fixed in the next major release of Flash Professional.

Do not open untrusted FLA files.

For the Firefox readers you might want to check out the add-on “noscript“. If you are using IE just breathe into a paper bag slowly. Be aware, surf with care.

Article Link

[Source: Liquidmatrix]

0 comments