Adobe Flash zero-day exploit in the wild
Posted on May 28th, 2008 at 1:48 pmMalware hunters have spotted a previously unknown — and unpatched — Adobe Flash vulnerability being exploited in the wild.
The zero-day flaw has been added to the Chinese version of the MPack exploit kit and there are signs that the exploits are being injected into third-party sites to redirect targets to malware-laden servers.
Technical details on the vulnerability are not yet available. Adobe’s product security incident response team is investigating.
This SecurityFocus advisory warns:
Adobe Flash Player is prone to an unspecified remote code-execution vulnerability.
An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Adobe Flash Player 9.0.115.0 and 9.0.124.0 are vulnerable; other versions may also be affected.
Leave a Reply
You must be logged in to post a comment.