RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow

From: Mike Chambers (mchamberat_private)
Date: Fri Aug 09 2002 - 14:44:27 PDT

Next message: Mark J Cox: "Apache 2.0 vulnerability affects non-Unix platforms"

Previous message: Matthew Murphy: "Cross-Site Scripting Issues in Falcon Web Server"
In reply to: Scott Lampert: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Next in thread: Richard M. Smith: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Next in thread: Tim Jackson: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Richard M. Smith: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Carlos Laviola: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The linux and solaris updates will be avaliable later today.

You will be able to download it at:
www.macromedia.com/go/getflashplayer/ 

mike chambers

meshat_private

> -----Original Message-----
> From: Scott Lampert [mailto:scottat_private] 
> Sent: Friday, August 09, 2002 3:45 PM
> To: BUGTRAQ
> Subject: Re: EEYE: Macromedia Shockwave Flash Malformed 
> Header Overflow
> 
> 
> On Thu, Aug 08, 2002 at 05:26:20PM -0700, Marc Maiffret wrote:
> > Vendor Status:
> > Macromedia has released a patch for this vulnerability, 
> available at:
> > 
> http://www.macromedia.com/v1/handlers/index.cfm?ID=23293&Metho
d=Full&Title=M
>
PSB02%2D09%20%2D%20Macromedia%20Flash%20Malformed%20Header%20Vulnerabili
ty%2
> 0Issue&Cache=False
> 
> Discovery: Drew Copley
> Exploitation: Riley Hassell
> 

As far as I can see there is no update to the UNIX versions.  The files
are all dated March 25.  The bulletin describes version 6 of the Flash
player as the fix, however that doesn't seem to be available for
anything other than Windows and Mac.  Am I missing something?
    -Scott

-- 
Scott Lampert
<scottat_private>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, 1759

Public Key: http://www.lampert.org/public_key.asc

Next message: Mark J Cox: "Apache 2.0 vulnerability affects non-Unix platforms"
Previous message: Matthew Murphy: "Cross-Site Scripting Issues in Falcon Web Server"
In reply to: Scott Lampert: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Next in thread: Richard M. Smith: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Next in thread: Tim Jackson: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Richard M. Smith: "RE: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Reply: Carlos Laviola: "Re: EEYE: Macromedia Shockwave Flash Malformed Header Overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Aug 09 2002 - 15:09:08 PDT