Macromedia Flash URL Modification Issue

 
Jul 20, 2002

There's been a report of a new vulnerability in the Flash Player that could allow maliciously authored Flash content, working in conjunction with other content on a Web server, to read the contents of files from the local file systems of Flash Player users, and send those contents back to Web servers without users' consent or knowledge. This vulnerability is limited to files whose locations and names are known or guessed ahead of time by attackers. An attacker would have to entice the user to a site under his control to exploit this vulnerability. This vulnerability can never be used to modify or delete local files. All Macromedia Flash Players are affected. Macromedia has released new versions of all Flash Players fixing this issue.

Solution: Customers should download the newer Macromedia Flash Player immediately.

Macromedia Flash content authors should read the following technote:

Technote: Loading Data Across Domains

See the link below for more details.

Macromedia Flash URL Modification Issue (August 8, 2002)

Add a Comment
(If you subscribe, any new posts to this thread will be sent to your email address.)
  
Privacy | FAQ | Site Map | About | Guidelines | Contact | Advertising | What is ColdFusion?
House of Fusion | ColdFusion Jobs | Blog of Fusion | AHP Hosting