Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow

From: Scott Lampert (scottat_private)
Date: Fri Aug 09 2002 - 12:44:38 PDT

Next message: Mark J Cox: "Apache 2.0 vulnerability affects non-Unix platforms"

Previous message: Mark J Cox: "[Full-Disclosure] Apache 2.0 vulnerability affects non-Unix platforms"
In reply to: Marc Maiffret: "EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Next in thread: Mike Chambers: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Mike Chambers: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Tim Jackson: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Aug 08, 2002 at 05:26:20PM -0700, Marc Maiffret wrote:
> Vendor Status:
> Macromedia has released a patch for this vulnerability, available at:
> http://www.macromedia.com/v1/handlers/index.cfm?ID=23293&Method=Full&Title=M
> PSB02%2D09%20%2D%20Macromedia%20Flash%20Malformed%20Header%20Vulnerability%2
> 0Issue&Cache=False
> 
> Discovery: Drew Copley
> Exploitation: Riley Hassell
> 

As far as I can see there is no update to the UNIX versions.  The files
are all dated March 25.  The bulletin describes version 6 of the Flash
player as the fix, however that doesn't seem to be available for
anything other than Windows and Mac.  Am I missing something?
    -Scott

-- 
Scott Lampert
<scottat_private>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, 1759

Public Key: http://www.lampert.org/public_key.asc

application/pgp-signature attachment: stored

Next message: Mark J Cox: "Apache 2.0 vulnerability affects non-Unix platforms"
Previous message: Mark J Cox: "[Full-Disclosure] Apache 2.0 vulnerability affects non-Unix platforms"
In reply to: Marc Maiffret: "EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Next in thread: Mike Chambers: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Mike Chambers: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Tim Jackson: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 09 2002 - 14:21:14 PDT