1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Flash-based vulnerability lingers on many websites three years later

Discussion in 'Network World' started by RSS, Mar 24, 2015.

  1. RSS

    RSS New Member Member

    Flash files that are vulnerable to a serious flaw patched by Adobe Systems over three years ago still exist on many websites, exposing users to potential attacks.

    The vulnerability, known as CVE-2011-2461, was found in the Adobe Flex Software Development Kit (SDK) and was fixed by Adobe in November 2011. The development tool, which has since been donated to the Apache Software Foundation, allows users to build cross-platform rich Internet applications in Flash.

    The vulnerability was unusual because fixing it didn’t just require Flex SDK to be updated, but also patching all the individual Flash applications (SWF files) that had been created with vulnerable versions of the SDK.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page