Delfigo Security - Strong Authentication

  • Increase font size
  • Default font size
  • Decrease font size
Home IAMblog Security Vulnerabilities Adobe Flash Vulnerability ctd.

Adobe Flash Vulnerability ctd.

Steve Jobs reference in "Thoughts On Flash"  to "Symantec recently highlighted Flash for having one of the worst security records in 2009" peaked our curiosity. What exactly did Symantec say?

"Among the vulnerabilities discovered in 2009, a vulnerability affecting both Adobe Reader and Flash Player was the second most attacked vulnerability. This was also one of four zero-day vulnerabilities affecting Adobe plug-ins during 2009. Two of the vulnerabilities were in the top five attacked vulnerabilities for 2009."

The Symantec report references a SecurityFocus item further commenting on the vulnerability - "An attacker can exploit this issue by supplying a malicious Flash ('.swf') file or by embedding a malicious Flash application in a PDF file. Successful exploits may allow the attacker to execute arbitrary code in the context of the user running the affected application. Failed attempts will likely result in denial-of-service conditions."