MPSB03-08 Update to Flash Player Addressing Local Shared Object Security
Originally posted: December 16, 2003
Last updated: December 16, 2003
Summary
A recently discovered security flaw in the Internet Explorer and Opera browsers may allow improper access to certain local files. A potential exploit can then be created in association with the local Flash data file to allow a malicious user to gain access to information stored on the local machine.
Solution
Macromedia has released an updated version of Macromedia Flash Player (7,0,19,0) that can be downloaded from the Macromedia Player Download Center.
This new version stores local data in a way that a malicious user cannot access it from applications other than Flash Player. This ensures Flash movies are able to work properly with data saved to the local file system, but external applications, such as web browsers, are not.
Severity Rating
Macromedia categorizes this issue as an important update and recommends users update to the newest player.
Originally posted: December 16, 2003
Last updated: December 16, 2003
Summary
A recently discovered security flaw in the Internet Explorer and Opera browsers may allow improper access to certain local files. A potential exploit can then be created in association with the local Flash data file to allow a malicious user to gain access to information stored on the local machine.
Solution
Macromedia has released an updated version of Macromedia Flash Player (7,0,19,0) that can be downloaded from the Macromedia Player Download Center.
This new version stores local data in a way that a malicious user cannot access it from applications other than Flash Player. This ensures Flash movies are able to work properly with data saved to the local file system, but external applications, such as web browsers, are not.
Severity Rating
Macromedia categorizes this issue as an important update and recommends users update to the newest player.
Comment