Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Flash W/ Sql - Exploits In The Wild


  • Please log in to reply
4 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,948 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:37 AM

Posted 28 May 2008 - 02:39 PM

There are reports of a critical vulnerability affecting current versions of Adobe Flash and evidence of it being exploited in the wild. Versions including and previous to 9.0.124.0 are reported to be at risk. However — chatter on the security lists we frequent suggest version 9.0.124.0 is not vulnerable and that the attacks are only reliably effective against version 9.0.115.0 and earlier (using CVE-2007-0071).

In any case — we are seeing Flash exploits being used in combination with SQL injection attacks...

f-secure.com/weblog
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


#2 frankp316

frankp316

  • Members
  • 2,677 posts
  • OFFLINE
  •  
  • Local time:06:37 AM

Posted 28 May 2008 - 09:02 PM

The following CNet link will take you to a patch at the Adobe website.





http://news.cnet.com/8301-10784_3-9954408-...g=2547-1_3-0-20

#3 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,948 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:37 AM

Posted 29 May 2008 - 05:59 AM

Symantec: We were wrong on Adobe Flash 'bug'
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:07:37 AM

Posted 29 May 2008 - 11:45 AM

Adobe Flash Player Flaw - Massive Exploitation reported

Security sites are warning of increased dangers of malformed Shockwave Flash (SWF) objects. It is important to move to the latest version of Flash if prompted or manually update if you are not on version 9.0.124.

Adobe test site which will show latest version (should be 9.0.124)
http://kb.adobe.com/selfservice/viewConten...rnalId=tn_15507

How to manually update if needed (be sure to uncheck Google Toolbar)
http://www.adobe.com/products/flashplayer/

AVERT reports that recent sites affected by mass hacking attacks are being redirected to load malicious SWF files. These exploits are being programmed for specific versions of Flash to broaden the scope of attacks. Finally, please see last AVERT link (05/28), as they are researching a new variant that might possibly exploit Flash where it is fully up-to-date (e.g., 9.0.124).

Adobe Flash Player Flaw - Massive Exploitation reported
http://www.frsirt.com/english/

Adobe Flash Player Flaw Massive Exploitation -- The Adobe Flash Player vulnerability which was disclosed this week by Symantec and believed to be unknown (zero-day) is a previously known issue that was patched with version 9.0.124.0. Multiple compromised web pages are currently exploiting this flaw and distributing malware.


ADDITIONAL LINKS
http://www.frsirt.com/english/advisories/2008/1158
http://isc.sans.org/diary.html?storyid=4474
http://secunia.com/advisories/30404/
http://www.securityfocus.com/bid/29386
http://www.avertlabs.com/research/blog/ind...exploit-update/

Here’s a quick update to the earlier post on a new unpatched Adobe Flash vulnerability. Through looking for sites serving these SWF exploits we’ve found a connection with recent mass hacks. Hacked sites reference an external script, just as they have for quite some time. But, the external scripts now reference an SWF file.


New variants emerging - AVERT researching claims that currently patched systems may be vulnerable?
http://www.avertlabs.com/research/blog/ind...ploit-update-2/

At first, this appeared to close the case, but there was a report of a patched version of Flash falling victim to one of these attacks, and we’ve seen an SWF file referencing a missing file named WIN 9,0,124,0i.swf, which also suggests that the latest version of Flash is the target of that file.



#5 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 51,948 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:37 AM

Posted 05 June 2008 - 01:04 PM

Microsoft opens up on XP SP3 Flash 'bug'

..."Microsoft does not ship any version of Flash in the Windows XP Service Pack 3 update that customers use to update existing SP2 machines," the company said...However some people who build new XP systems using SP3 will need to update their software. "A new system built using a copy of Windows XP with SP3 integrated will install the original Flash 6 that shipped with Windows XP Gold and will need MS06-069 installed from Windows Update,"...


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users