Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Two new Flash Player zero-day bugs found in Hacking Team leak

Two new Flash Player zero-day bugs found in Hacking Team leak

2015/07/13

Securityweek - (International) Security researchers discovered exploits for two additional Adobe Flash Player zero-day vulnerabilities in the recent Hacking Team data leak, including a flaw in the DisplayObject class in ActionScript 3, and a use-after-free (UAF) vulnerability in the ActionScript3 BitmapData object. Both vulnerabilities allow a remote, unauthenticated attacker to execute arbitrary code on an affected system. [ed.: For more, see this post in the Optimal Security blog.]

Source: http://www.securityweek.com/two-new-flash-player-zero-day-bugs-found-hacking-team-leak

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:41