CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

$9736.22 of $21422.68
left sidedonated so farneed $11686.46 donated to reach our goalright side, our goal
Help CastleCops serve the community on new servers, Donate Here to reach our goal.

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
Survey
spacer
Was 2007 a good year?

Yes it was a wonderful year
Yes, but there is always room for improvement
Status quo
It was a challenge
Other (leave comment)



Results
Polls

Votes: 940
Comments: 25
block bottom
spacer spacer
image Privacy: Beyond Security discovers bug in Macromedia Flash image
Security Hole
Johannesburg
16 April 2003

IT security specialist Beyond Security Ltd has issued an immediate security advisory regarding a high risk vulnerability discovered in global multimedia group Macromedia's Flash software. The vulnerability allows an attacker to gain sensitive information about users of its Flash software while surfing the Web.

The vulnerability lies within a segment of the Flash code known as 'Click Ad' which is utilised by most online ad banners to gain information about the user. If this weakness is exploited it will allow an attacker to drastically modify the information a user sees, possibly replacing the original advert with his own. Such an exploit might also allow an attacker to retrieve sensitive information from the user (ie cookies) or even steal the user's username and password for the affected Web site.

The problem was discovered in coordination with the Japanese information security company Vagabond, Beyond Security's business partner in Japan. The companies have an extensive common history of discovering security vulnerabilities, and were both previously involved in uncovering a critical vulnerability inside the code of leading certificate authority Verisign which, at the time, allowed an attacker to forge certificates issued by Verisign to its protected client sites.

Beyond Security has been in contact with Macromedia regarding the current Flash Bug, and both companies have worked together to resolve the issue.

Macromedia announced that all of its larger client Web sites using the technology have been notified, and have fixed the problem, where it related to them.Macromedia's Flash technology is used by almost 500 million Internet browsers around the globe, primarily as a multimedia content enabler, and one of its many features is presenting online interactive ads. These ads, while providing useful information to legitimate site advertisers, can also become a security risk, as revealed.

Full information about the vulnerability can be found on Beyond Security's information security portal at http://www.securiteam.com/securitynews/5XP0B0U9PE.html

Posted on Wednesday, 16 April 2003 @ 15:32:36 UTC by cj (1236 reads)
[ Trackback ]		image

"Privacy: Beyond Security discovers bug in Macromedia Flash" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· HotScripts
· W3 Consortium
· More about Security Hole
· News by cj

Most read story about Security Hole:
Windows Media Player, Spyware and Trojan
block bottom
Article Rating
spacer
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
220ppm 0.207s (0.023s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer