Flash Security Hole 18

Posted by Hemos on Monday March 10, 2003 @08:34AM from the who-needs-security dept.

otterpop378 wrote to us about a From report on CNN about a new security hole in Flash. Evidently, it's pretty big, as Macromedia wants everyone to update - sounds like the sandbox isn't quite working as it should.

This discussion has been archived. No new comments can be posted.

Flash Security Hole

Load All Comments

Search 18 Comments Log In/Create an Account

Comments Filter:

If you use gentoo... (Score:3, Informative)

by JimDabell ( 42870 ) writes: on Monday March 10, 2003 @08:55AM (#5475758) Homepage

This is already fixed in gentoo:
emerge sync; emerge -u netscape-flash

Share
twitter facebook
- - Re:If you use gentoo... (Score:1)
    
    by Wolfrider ( 856 ) writes:
    
    --Using Opera 6.1, www.macromedia.com shows a blank page. :(
Nice irony... (Score:3, Funny)

by $rtbl_this ( 584653 ) writes: on Monday March 10, 2003 @08:57AM (#5475774)

...accompanying a story about a serious security hole in Flash with a Flash-based popup advert.

Share
twitter facebook
conspiracy theorist (Score:1, Insightful)

by Anonymous Coward writes:

The conspiracy theorist in me can't help but think this security update -- which doesn't specify anything other than a buffer overflow -- is an attempt to get people to upgrade to the latest version of Flash, which I believe is now required to properly interact with the new Macromedia.com.
- Re:conspiracy theorist (Score:3, Insightful)
  
  by Khalidz0r ( 607171 ) writes:
  
  Heh, a big company wouldn't give up their reputation in security to simply get you to update, there are better ways to do that.
  
  The worst thing a company would think of doing is announcing that their software is not secure, for whatever reason.
  
  Khalid
  - Re:conspiracy theorist (Score:2)
    
    by MarkGriz ( 520778 ) writes:
    
    Funny thing though... there is no mention of this huge security hole on their web page. If they were so interested in security,
    you'd think they would at least announce a "New version of Flash available - now with improved security. Click here to download"
    - Re:conspiracy theorist (Score:2, Interesting)
      
      by Dudio ( 529949 ) writes:
      
      I didn't see anything posted to the lists (Bugtraq, Vulnwatch, Full Disclosure, etc.) about this either, until the Gentoo announcement [netsys.com] yesterday. For an issue Macromedia calls critical [macromedia.com], they sure are being quiet about it.
Any easy way to temporaily disable flash in IE? (Score:2, Insightful)

by Palos ( 527071 ) writes:

This is kind of offtopic, but with a lot of sites using flash for ads that adblockers don't seem to block well, is there a way to disable it temporaily easily? I've seen some sites that show how to get rid of it, but that just brings up a popup anytime you go to a site with it. I swear 95% of the flash out there now is crap, but the other 5% is cool games I want to play :)
- Re:Any easy way to temporaily disable flash in IE? (Score:3, Interesting)
  
  by oyenstikker ( 536040 ) writes:
  
  www.homestarrunner.com completely justfies flash on its own.
- Re:Any easy way to temporaily disable flash in IE? (Score:1)
  
  by waylander ( 4478 ) writes:
  
  Google turned up this link on Macromedia's site: http://www.macromedia.com/support/flash/ts/documen ts/remove_player.htm [macromedia.com]
Macromedia Site tells nothing (Score:1, Interesting)

by Anonymous Coward writes:

I visited the site only to find nothing about the security hole. Crisis by denial? Download section also had nothing to tell you there was a security hole. Just one big nothing.
- Re:Macromedia Site tells nothing (Score:2)
  
  by zero_offset ( 200586 ) writes:
  
  Actually I gave up searching and just guessed the URL, and it worked: http://www.macromedia.com/security [macromedia.com]
More info (Score:5, Informative)

by Gogo Dodo ( 129808 ) writes: on Monday March 10, 2003 @03:08PM (#5478657)

For those looking for details on the vulnerability, see MPSB03-03 Security Patch for Macromedia Flash Player [macromedia.com].
The short answer is that you need to upgrade to Player 6,0,79,0 [macromedia.com] (why the heck Macromedia uses commas instead of periods is beyond me).

Share
twitter facebook
Macromedia Flash Player RPMS (Score:3, Informative)

by Laven ( 102436 ) writes: on Monday March 10, 2003 @04:11PM (#5479261)

http://macromedia.mplug.org [mplug.org]
Hi, I am the maintainer of the Macromedia Flash Player RPMS for Linux. The RPM packages have been updated a few days ago, available in apt and urpmi repositories for various Linux distributions.
The site has instructions for Gentoo and Debian Linux installation too.

Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Flash Security Hole 18

Flash Security Hole More Login

Flash Security Hole

If you use gentoo... (Score:3, Informative)

Re:If you use gentoo... (Score:1)

Nice irony... (Score:3, Funny)

conspiracy theorist (Score:1, Insightful)

Re:conspiracy theorist (Score:3, Insightful)

Re:conspiracy theorist (Score:2)

Re:conspiracy theorist (Score:2, Interesting)

Any easy way to temporaily disable flash in IE? (Score:2, Insightful)

Re:Any easy way to temporaily disable flash in IE? (Score:3, Interesting)

Re:Any easy way to temporaily disable flash in IE? (Score:1)

Macromedia Site tells nothing (Score:1, Interesting)

Re:Macromedia Site tells nothing (Score:2)

More info (Score:5, Informative)

Macromedia Flash Player RPMS (Score:3, Informative)

Related Links Top of the: day, week, month.

Slashdot Top Deals

Slashdot