[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Is Flash Player 5 not vulnerable or not supported?... Macromedia Flash Player ActionDefineFunction Memory Corruption

To: Full Disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>, Ken S <ken.securitylist@xxxxxxxxx>, bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Is Flash Player 5 not vulnerable or not supported?... Macromedia Flash Player ActionDefineFunction Memory Corruption
From: Juha-Matti Laurio <juha-matti.laurio@xxxxxxxx>
Date: Mon, 7 Nov 2005 22:42:27 +0200 (EET)

All well known security companies and CERTs not list Flash Player 5.x at all, it seems they don't see that version as supported. Many advisories said today "Macromedia Flash Player 7.0.19.0 and prior" are affected.

From Macromedia itself:

Affected Software Versions
Flash Player 7.0.19.0 and earlier
http://www.macromedia.com/devnet/security/security_zone/mpsb05-07.html

Secunia lists MSIE5.01 as affected http://secunia.com/advisories/17481/ "Macromedia Flash Player included in Microsoft Internet Explorer", default installation has version 5 mentioned.

- Juha-Matti

I noticed that Flash Player 5 is not on the list of vulnerable software, but
is that becuase it truly isn't vulnerable? Or is it not on the list because
it is no longer supported?

Any input would be appreciated.

Thanks,

Ken


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] Is Flash Player 5 not vulnerable or not supported?... Macromedia Flash Player ActionDefineFunction Memory Corruption
Next by Date: [Full-disclosure] [OTAnn] Feedback
Previous by thread: [Full-disclosure] Is Flash Player 5 not vulnerable or not supported?... Macromedia Flash Player ActionDefineFunction Memory Corruption
Next by thread: [Full-disclosure] [OTAnn] Feedback
Index(es):
- Date
- Thread