Another Security Hole Found In Macromedia Flash
A Macromedia customer discovered a vulnerability in the Flash 5 Authoring tool based on the undomented undocumented ActionScript command "fscommand:save". Using this command, Vengy was able to create a "Trojaned" Flash movie that, when viewed using the standalone Flash player, would place a malicious script on the viewer's computer.
The following articles give more information, on this and the related "exec" hole and the SWF/LFM-926 virus, which were both discovered in January.
Another Security Hole Found In Macromedia Flash (Newsbytes.com, February 26)
Vengy's Advisory on the Flash "save" Vulnerability
Latest ColdFusion Talk (CF-Talk)
- Details on CF9's "free for academic" licensing?
- cfthread running condition?
- Listing then Deleting Duplicates
- Can I Use This CFScript Like This?
- Accessing Sharepoint file
- Pre-filling FileField Values
- cfcalendar and multiple dates
- (ot) How do you preload a SWF file?
- CFGrid Question
- ColdFusion not seeing standard Java classes when using CFINVOKE
Latest ColdFusion Jobs (CF-Jobs)
- ColdFusion MX 7 Server Consultant in/around Hoboken, NJ
- Part Time Coding Job
- Sr ColdFusion Developer Available
- Cold Fusion Flex Developer - PA
- North Bay Application Developer Search
- Contract to HIRE Cold Fusion Developer needed in Wake Forest NC
- Please post this Cold Fusion opportunity Thanks
- ColdFusion Developer - Northern California
- ColdFusion Web Developer - Baltimore, MD
- ColdFusion Web Developer
Want a number like 800-ColdFusion?
My Toll Free 800 Number provides a vanity phone number service to clients who want more than just digits. How would you like 800-coldfusion?