DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!
   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
July 16, 2019 
Main Menu
News archives

Who's Online
There are currently 189 people online.


Latest Reviews
Ewin Racing Flash gaming chair
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset

Follow us

Critical hole patched in Adobe Flash Player

Posted on Wednesday, July 09 2014 @ 14:25:38 CEST by

Adobe Flash
Google engineer Michele Spagnuolo discovered a dangerous security flaw in Adobe's Flash plug-in that could allow hackers to steal your browser cookies and other other data. The security issue has been known for quite some time but was considered low priority because no known exploit existed. Spagnuolo explains the exploit isn't the result of weaknesses in JSONP or a specific vulnerability in Flash, the result is achieved by combining two otherwise harmless features in way that creates a security issue. You can learn more about the exploit at ARS Technica.
The attack relies on behavior that has existed for years that allows the binary contents of a common shockwave file—a throwback term for Flash files that's better known simply as SWF—to be converted into an equivalent file based solely on alphanumeric characters. The conversion typically happens to compress a SWF file so it works with websites that use a technique known as JSONP—or JSON with padding—to set browser cookies and perform other tasks.

A new proof-of-concept tool dubbed Rosetta Flash uses a creative combination of encoding algorithms to construct character-only representations of SWF files that contain malicious commands. Among other things, malicious SWF files spawned by the tool can use the visitor's Flash application to send Web requests that can access authentication cookies and other files set by other websites that use JSONP. This exfiltration works as a result of Flash being able to bypass the Same Origin Policy, which is in place to stop these kinds of cross domain requests. As a result, a malicious website hosting a booby-trapped SWF file could use authentication cookies that were previously set by eBay and other vulnerable sites to make authenticated data requests on behalf of the person visiting the attack site.
Fortunately, Adobe already made a patch available that mitigates the attack. Large websites are also working on ways to prevent the attack to protect users who haven't updated their version of Flash yet, vulnerable places includes sites like eBay, Tumblr, and Instagram.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2019 DM Media Group bvba