Home > IT Blogs > Security Bytes > Adobe Flash update fixes flaw that enables clickjacking attacks
>>VIEW ALL POSTS  

Security Bytes

« New Windows vulnerability reported
Malicious widget infects Network Solutions hosted websites »
Aug 11 2010   1:46PM GMT

Adobe Flash update fixes flaw that enables clickjacking attacks



Posted by: Robert Westervelt
Adobe, Adobe Flash

Adobe repaired six memory corruption vulnerabilities in Flash Player that could enable an attacker to execute code remotely on a victim’s computer.

Adobe Systems Inc. plugged six vulnerabilities in Flash Player and issued updates to its ColdFusion and Adobe Flash Media Server, fixing several other flaws in those products.

The software maker said the vulnerabilities in its Flash Player could cause the application to crash and enable an attacker to gain access to a victim’s computer. The repairs include several memory corruption errors as well as a bug that could enable clickjacking attacks. The vulnerabilities are in Flash Player version 10.1.53.64 and earlier. In addition, Adobe updated its Adobe AIR development environment and urges users to upgrade to Adobe AIR 2.0.3.

Adobe has addressed vulnerabilities that enable clickjacking in the past. One security expert, John Strand, told SearchSecurity.com that clickjacking may be better prevented through security policy, rather than technology.

An update to Adobe Flash Media Server fixes four vulnerabilities that could enable an attacker to run malicious code on an affected system. The vulnerabilities affect Adobe Flash Media Server 3.5.3 and earlier versions and Adobe Flash Media Server 3.0.5 and earlier versions for Windows and UNIX.

Adobe said it also corrected a directory traversal vulnerability in ColdFusion 9.0.1 and earlier versions that could lead to a data leakage. ColdFusion is a development environment used by website designers to create dynamic web pages.

  Bookmark and Share     Comment     RSS Feed     Email a friend

Comment on this Post


You must be logged-in to post a comment. Log-in/Register

Rgmoon  |   Dec 9 2010   9:52AM GMT

Nice to have info related to different software tools. This is authentic source of gathering info related to studies. There are only few websites that provides info related to studies. This one is the beast. Thanks for this post.
Cars 4 sale


 

Rgmoon  |   Dec 23 2010   8:06AM GMT

It industry is growing very rapidly and you are doing good efforts by providing info related to this. Thanks for this wonderful and informative post. Keep your efforts up.
decatur daily


 

Aster  |   Dec 30 2010   7:19AM GMT

That is not good.really! I have faced problems in Flash player lot many times but didn’t even think for once about access gain! Place some more issues about this particular software so that we all could easily get proper guideline. Thanks for this one!
software download