Serious Flash vulns menace at least 10,000 websites

by admin December 26, 2007 at 9:40 am
0 Comment

No patch anytime soon

Researchers from Google and a well-known security firm have documented serious vulnerabilities in Adobe Flash content which leave tens of thousands of websites susceptible to attacks that steal the personal details of visitors.

The security bugs reside in Flash applets, the ubiquitous building blocks for movies and graphics that animate sites across the web. Also known as SWF files, they are vulnerable to attacks in which malicious strings are injected into the legitimate code through a technique known as cross-site scripting, or XSS. Currently there are no patches for the vulnerabilities, which are found in sites operated by financial institutions, government agencies and other organizations.

Full story: theregister.co.uk

Related Content
Realme C15 Launching in India on August 18: Everything We Know So Far
Facebook’s CEO to meet PM Modi today
Firefox 4 Beta 1: A Visual Tour
Now, access Facebook on mobile devices for free
more news from the blog
JRecoverer for Oracle Database Passwords 1.1.0
Microsoft Readies Major Launch Wave
webcamXP 5.5.0.6
Researchers create ultra-fast charging Li-ion batteries
Exstora 2.5
BugHunter 2.2e
DiskCryptor 0.8
Wikipedia Plans to Use Color Codes to Highlight Untrustworthy Text
InstantShot! 2.1
ChromeExtensions
Camfrog for Windows Mobile 2.0
SnippetHub 0.11.1.72 Beta
UK government wants to toughen up anti-piracy measures
Google Preps Blogger For The Enterprise
First look at Photoshop Elements 8
Sharpcast Photos 1.0
Loki 2.2
Poster Forge 1.02.01
Microsoft Dangles Cash for Trying Office
Palm Targets Bargain Hunters With $100 Smartphone
Windows Mobile 6.1.4 Emulator Images
AllMyNotes Organizer 1.26
PC LiveTV 2.0
Buy Bill Gates' 1990 Lexus on eBay
Microsoft and Nokia team up for Windows Live
Don't pirate MS-Office: use ours, says OpenOffice.org
Beerwin’s PlainHtml 7.0.1
Google launches Go programming language
Contenta Converter Basic 4.7
Paint.NET 3.5.5
R-Firewall 1.0 build 53
IE Changes To Avoid Eolas IP
emesene 1.5