Macromedia Flash Activex Buffer Overflow

NT Bugraq reported a vulnerability in the parameter handling to the Flash OCX. We are happy to report that Macromedia was right on the ball here; as soon as this very serious problem was discovered, Macromedia fixed it in the latest release of Flash. However, it is something our readers should be aware of, as those with older versions could be caught unawares.

This flaw could lead to the execution of attacker-supplied code via email, web or any other avenue in which Internet Explorer is used. This includes software which uses the web browser activex. All users of Internet Explorer are potentially affected because this is a Macromedia signed ocx. NT Bugtraq advises users to upgrade your Flash version immediately to version 6, revision 29, which does not contain the vulnerability.

eEye Digital Security (Advisory): Macromedia Flash Activex Buffer Overflow

Download the Latest Flash OCX

del.icio.us | digg | Spurl | Simpy | Newsvine | BlinkList | Furl | reddit | BlogMarks | Yahoo! My Web | Ma.gnolia | Technorati

• Subscribe
• RSS

• Editorial
• Specials
• Community
• News
• Tech and Tags
• Views
• Reviews
• Techniques
• Security
• Best of ColdFusion Talk
• Knowledge Base
• Blog Watch

• Tipical Charlie

Quarterly Update