Fx{r} is trying to start the Fx{r} Community! Please join our group on Adobe Groups following this link: http://groups.adobe.com/groups/ab29539ab9.
Fx{r} is now on Twitter too. Follow us @ twitter.com/fx_r!
« We’ve been at FlexCamp Bucharest Romania 2008
» Alternativa 3D - two new examples

ActionScript, Bugs, Flash, Flex in the world, Flex news, Security

Flash NULL pointer exploit

Virgil Cristea | 18.04.08 | Comment?

The paper “Application-Specific Attacks: Leveraging the ActionScript Virtual Machine” written by Mark Dowd in which he describes various techniques that promise to open up a class of exploits and vulnerability research previously thought to be prohibitively difficult. While the Flash vulnerability described in the paper [pdf] has been patched by Adobe, the presentation of a reliable exploit for NULL pointer dereferencing has the researchers who have read the paper fascinated. Thomas Ptacek has an explanation of Dowd’s work, and Nathan McFeters at ZDNet is ‘stunned by the technical details

Share and Enjoy:
  • TwitThis
  • Technorati
  • StumbleUpon
  • del.icio.us
  • NewsVine
  • Reddit
  • Digg
  • Furl
  • co.mments
  • blogmarks
  • Slashdot
  • description
  • Taggly
  • YahooMyWeb
  • connotea
  • Webride




Tags: , , ,

This post was written by Virgil Cristea

Views: 2360

related

have your say

Add your comment below, or trackback from your own site. Subscribe to these comments.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="">

:

:


« We’ve been at FlexCamp Bucharest Romania 2008
» Alternativa 3D - two new examples