Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Patch against critical flaw in HD FLV Player still leaves the plug-in vulnerable

Patch against critical flaw in HD FLV Player still leaves the plug-in vulnerable

2014/12/11

Softpedia - (International) A researcher with Sucuri reported that a recent patch closing a vulnerability that could have allowed unauthenticated arbitrary file downloads in the HD FLV Player component for Joomla, WordPress, and custom Web sites did not close a similar vulnerability that could allow an unauthenticated attacker to send out emails from an affected site.

Source: http://news.softpedia.com/news/Patch-Against-Critical-Flaw-in-HD-FLV-Player-Still-Leaves-the-Plug-in-Vulnerable-467156.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:47