----------------------------------------------------------------------

TITLE:
Adobe Flash Player CRLF Injection Vulnerabilities

SECUNIA ADVISORY ID:
SA22467

VERIFY ADVISORY:
http://secunia.com/advisories/22467/

CRITICAL:
Less critical

IMPACT:
Security Bypass

WHERE:
From remote

SOFTWARE:
Adobe Flash Player 9.x
http://secunia.com/product/11901/
Macromedia Flash Player 7.x
http://secunia.com/product/2634/
Macromedia Flash Player 8.x
http://secunia.com/product/6153/

DESCRIPTION:
Rapid7 has reported some vulnerabilities in Adobe Flash Player, which
can be exploited by malicious people to bypass certain restrictions.

Input passed to the "XML.addRequestHeader()" ActionScript function and
the "XML.contentType" attribute is not properly sanitised before being
used. This can be exploited to bypass certain restrictions via CRLF
character sequences and inject arbitrary HTTP headers in a request.

Successful exploitation may e.g. make it easier to perform CSRF
(Cross-Site Request Forgery) attacks.

The vulnerabilities are reported in version 9.0.16 for Windows and
7.0.63 for Linux. According to the vendor, all current versions from
7.x through 9.x are affected.

SOLUTION:
The vendor is currently working on a fixed version.

PROVIDED AND/OR DISCOVERED BY:
Marc Bevand, Rapid7.
ORIGINAL ADVISORY:
Adobe Systems:
http://www.adobe.com/support/security/advisories/apsa06-01.html

Rapid7:
http://www.rapid7.com/advisories/R7-0026.jsp

----------------------------------------------------------------------
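The DESCRIPTION section above says the flaw is that header values reach the HTTP request without CR/LF being rejected. The following Python is an added illustration written for this page, not code from Secunia, Rapid7 or Adobe, and Python stands in for the ActionScript API: `serialize_request_unchecked()` reproduces the weak pattern (a value containing CRLF is concatenated straight into the request and the receiving side parses it as two headers), `add_request_header()` is the hardened equivalent that refuses any name or value containing CR or LF, and `parse_header_lines()` shows what a server would actually see. All header names and values are constructed sample data.

```python
import re

# Any bare CR or LF inside a header name or value is an injection attempt;
# a legitimate header value never contains either.
CRLF_RE = re.compile(r"[\r\n]")


def is_safe_header_value(value: str) -> bool:
    """Return True only if the string contains neither CR nor LF."""
    return CRLF_RE.search(value) is None


def add_request_header(headers: dict, name: str, value: str) -> dict:
    """Hardened analogue of a header-setting API (hypothetical, not Adobe's):
    reject the header outright instead of writing CR/LF into the request."""
    if not is_safe_header_value(name) or not is_safe_header_value(value):
        raise ValueError(f"CR/LF not allowed in header {name!r}")
    updated = dict(headers)
    updated[name] = value
    return updated


def serialize_request_unchecked(method: str, path: str, headers: dict) -> str:
    """The weak pattern the advisory describes: values are concatenated into
    the request with no check, so an embedded CRLF ends one header line and
    starts another."""
    lines = [f"{method} {path} HTTP/1.1"]
    lines += [f"{name}: {value}" for name, value in headers.items()]
    return "\r\n".join(lines) + "\r\n\r\n"


def parse_header_lines(raw_request: str) -> list:
    """Parse the head of a serialized request the way a server would:
    split on CRLF and treat every 'Name: value' line as its own header."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    parsed = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        if ":" in line:
            name, value = line.split(":", 1)
            parsed.append((name.strip(), value.strip()))
    return parsed


if __name__ == "__main__":
    # Constructed sample: a content type with a CRLF and a second header appended.
    tainted = {"Content-Type": "text/plain\r\nX-Injected: 1"}
    seen_by_server = parse_header_lines(
        serialize_request_unchecked("POST", "/submit", tainted))
    print("unchecked serialization, as parsed by the server:", seen_by_server)
    try:
        add_request_header({}, "Content-Type", tainted["Content-Type"])
    except ValueError as err:
        print("hardened API rejected it:", err)
```

Running the script shows the unchecked path producing two headers (`Content-Type` and the attacker-chosen `X-Injected`) from a single value, while the hardened path raises before anything is serialized. The same `is_safe_header_value` check is what a proxy or WAF can apply to outbound header values when it cannot trust the client-side runtime to do so.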