A few days ago me (@sneak_) and @_ikki gave a talk at the great Troopers 2015 conference about CVE-2011-2461. 2011??! Yes, you read it right: we love to analyze seasoned bugs. This bug is still exploitable in modern web browsers, with the latest Adobe Flash plug-in. In the case you are interested in client-side security, then we suggest you to take a look at: http://ift.tt/1x4ZZhY OR http://ift.tt/1H5nDLa The two links above are cross-posts, therefore you will find the same content on both. For pentesters: you will find a new vulnerability to look for in the next days. For Flex developers and site maintainers: you will understand how to patch vulnerable SWF files. Stay tuned, as we are going to release additional materials in the next days, including some real world exploitation cases against well-known domains. Cheers, Mauro and Luca
Source: Gmail -> IFTTT-> Blogger
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment