[24754] in bugtraq
Re: More SWF vulnerabilities?
daemon@ATHENA.MIT.EDU (the Pull)
Wed Mar 20 15:37:48 2002
Message-ID: <20020320075851.87861.qmail@web12507.mail.yahoo.com>
Date: Tue, 19 Mar 2002 23:58:51 -0800 (PST)
From: the Pull <osioniusx@yahoo.com>
To: Drew Daniels <umdanie8@cc.umanitoba.ca>, bugtraq@securityfocus.com
In-Reply-To: <20020319222943.18670.qmail@mail.securityfocus.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
--- Drew Daniels <umdanie8@cc.umanitoba.ca> wrote:
>
>
> Vulnerable systems: unpatched "standalone Flash
> players" (Macromedia Shockwave Flash player
> versions before January 2002?)
<snip>
The first article (from McWilliams at Newsbytes),
states that:
"Neither the new vulnerability nor January's
SWF/LFM-926 virus affects the millions of users of
Macromedia's browser-based Flash plug-in or ActiveX
control. Those players do not have access to special
commands, and Flash files played back through a
browser are secure, according to Macromedia. "
..
"'Since these flaws only affect the authorware version
of Flash, it's unlikely they'll be exploited in a
widespread way,' said Coursen."
>
> From:
> http://cartome.org/flash-hole.htm
<snip>
__________________________________________________
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/
