A website that serves a JSONP endpoint that accepts a custom alphanumeric callback of 1200 chars can be abused to serve an encoded swf payload that steals the contents of a same-domain URL. Flash < 14.0.0.145 is required. This Metasploit module spins up a web server that, upon navigation from a user, attempts to abuse the specified JSONP endpoint URLs by stealing the response from GET requests to STEAL_URLS.
92e080f88fea448cf79daadcf325b642ed35659e502007b4093420f78d5d12d2Red Hat Security Advisory 2014-0860-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
d4f79426b566a2c42a31c5d9793fb68209da6c0c128f48773d2ff30b2651623dGentoo Linux Security Advisory 201407-2 - Multiple vulnerabilities have been found in Adobe Flash Player, worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.394 are affected.
85044e4c9979d0547fd22338cf59dcb647f50a3f24cdfa49392874af319742d2
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed