The Latest in IT Security

Rosetta Flash Attack Mitigated by the New Adobe Flash Player 14.0.0.145

08
Jul
2014

The latest update for Adobe Flash Player removes a security vulnerability, which could be leveraged to abuse JSONP endpoints by making a victim run arbitrary requests to high-profile exposed domains, accounts/books/maps.google.com among them, and leak sensitive data.

This could be done by using Rosetta Flash, a tool that converts a Flash file, which is binary, into one composed of just alphanumeric characters, making its interception more difficult. The utility achieves this by returning an e…

Related posts:
  1. Adobe Patches Flash Player to Prevent “Rosetta Flash” Attacks
  2. A Technical Analysis on the Exploit for CVE-2011-2110 Adobe Flash Player Vulnerability
  3. Adobe Updates Flash Player 12 to Address Two Vulnerabilities
  4. CVE-2011-2110 for Adobe Flash Player being exploited in the wild
  5. Google, Twitter, Tumblr fix bug exposing users to data-stealing Flash attack

Tags:  
Written by Softpedia
0 Comments
Comments are closed.

Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments