More SWF vulnerabilities?
From: Drew Daniels <umdanie8 () cc umanitoba ca>
Date: 19 Mar 2002 22:29:43 -0000
Vulnerable systems: unpatched "standalone Flash
players" (Macromedia Shockwave Flash player
versions before January 2002?)
Fix: "In response to the discovery of the virus, in
January Macromedia released an update to its
standalone Flash player that causes the player to
ignore the "exec" action."
Exploit Description: "Vengy's demo showed how
the "save" command could be used to create a batch
program on the hard disk of Flash standalone player
users who viewed a movie containing the Trojan
horse code. In the demo, the Trojan program
executed when the victim rebooted his or her
Credit: Vengy ? (cyber_flash () hotmail com ?)
"Vengy's advisory on the Flash "save" vulnerability is
at http://www.geocities.com/cyber_flash5/ ."
"Macromedia's technical note on the "exec" hole is at
"A description of the SWF/LFM-926 virus is at
I also tracked down this:
The SWF/LFM-926 virus exploits a related
ActionScript command known as fscommand:exec
which is in another vulnerability.
These seem to be different than bid 2162.
This is my first post to bugtraq and I am merely trying
to relay information from another source in order that
vulnerabilities get the attention they deserve.
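
Added example, not part of the original post and not Macromedia code: an fscommand call is stored in a SWF as an ActionGetURL record whose URL string begins with "FSCommand:", so Flash files can be triaged for the "exec" and "save" commands named above. This is a byte-pattern heuristic rather than a full tag parser; the function names, the sample movie bytes and the argument strings are constructed for the illustration.

```python
import struct
import zlib

ACTION_GET_URL = 0x83        # UI8 code, UI16 length, URL string, target string
MARKER = b"fscommand:"       # fscommand(cmd, arg) is stored as GetURL("FSCommand:cmd", arg)
RISKY = {"exec", "save"}     # the two commands named in the post


def swf_body(data):
    """Return the bytes after the 8-byte SWF header, inflating CWS files."""
    if data[:3] == b"FWS":
        return data[8:]
    if data[:3] == b"CWS":
        return zlib.decompress(data[8:])
    raise ValueError("not a SWF file")


def find_fscommands(data):
    """Return [(command, argument)] for every FSCommand GetURL action found."""
    body = swf_body(data)
    lower, hits, pos = body.lower(), [], 0
    while (idx := lower.find(MARKER, pos)) >= 0:
        pos = idx + 1
        start = idx - 3                      # action code sits 3 bytes before the URL
        if start < 0 or body[start] != ACTION_GET_URL:
            continue                         # plain string, not a GetURL record
        (length,) = struct.unpack_from("<H", body, start + 1)
        record = body[idx:idx + length]
        parts = record.split(b"\x00")
        if len(record) < length or len(parts) < 3:
            continue                         # truncated or malformed record
        command = parts[0][len(MARKER):].decode("latin-1").lower()
        hits.append((command, parts[1].decode("latin-1")))
    return hits


def risky_fscommands(data):
    return [hit for hit in find_fscommands(data) if hit[0] in RISKY]


def get_url(url, target):
    payload = url.encode() + b"\x00" + target.encode() + b"\x00"
    return bytes([ACTION_GET_URL]) + struct.pack("<H", len(payload)) + payload


def build_sample():
    """Constructed test movie: one DoAction tag, placeholder frame header."""
    actions = (get_url("FSCommand:exec", "example.exe")
               + get_url("FSCommand:fullscreen", "true")
               + get_url("http://example.com/", "_blank") + b"\x00")
    tag = struct.pack("<HI", (12 << 6) | 0x3F, len(actions)) + actions
    body = b"\x00" * 9 + tag
    return b"FWS\x05" + struct.pack("<I", 8 + len(body)) + body
```
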