Adobe Flash update available
Adobe has relased an update for a vulnerability in their Flash player.
CVE number is CVE-2006-5330, which isn't included in this month's MS06-069 adobe update from Microsoft.
http://www.adobe.com/support/security/bulletins/apsb06-18.html
Yet another thing to patch in the next few days.
Affected versions include 9.x, 8.x and 7.x .
If -after reading the adobe announcement are left wondering what modified HTTP headers of client requests can do to cause HTTP Request Splitting attacks, or what those are to start with, take a look at e.g.:
http://en.wikipedia.org/wiki/HTTP_Response_splitting
--
Swa Frantzen -- Section 66
0 comment(s)
CVE number is CVE-2006-5330, which isn't included in this month's MS06-069 adobe update from Microsoft.
http://www.adobe.com/support/security/bulletins/apsb06-18.html
Yet another thing to patch in the next few days.
Affected versions include 9.x, 8.x and 7.x .
If -after reading the adobe announcement are left wondering what modified HTTP headers of client requests can do to cause HTTP Request Splitting attacks, or what those are to start with, take a look at e.g.:
http://en.wikipedia.org/wiki/HTTP_Response_splitting
--
Swa Frantzen -- Section 66
×
Diary Archives
Comments