Flash plugin 0-day vulnerability in the wild
drago01
drago01 at gmail.com
Mon Jan 26 12:48:44 UTC 2015
On Mon, Jan 26, 2015 at 1:40 PM, Martin Stransky <stransky at redhat.com> wrote:
> On 01/23/2015 10:51 AM, Martin Stransky wrote:
>>
>> Folk,
>>
>> There's a live 0-day flash vulnerability which is not fixed yet [1][2].
>> If you use flash plugin I recommend you to enable the click-to-play mode
>> for it.
>>
>> There's also a Fedora Firefox update with such change [3].
>>
>> ma.
>>
>> [1]
>>
>> https://isc.sans.edu/diary/Flash+0-Day+Exploit+Used+by+Angler+Exploit+Kit/19213
>>
>> [2]
>>
>> http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html
>>
>> [3] https://bugzilla.redhat.com/show_bug.cgi?id=1185241
>
>
> This vulnerability has got CVE-2015-0311 name [1]. Thx to drago01 to point
> that out. Unfortunately it's still unfixed by Adobe and latest flash for
> Linux/Firefox (11.2.202.438) is still vulnerable.
The latest one is 11.2.202.440 ... which is supposed to have the fix.
More information about the devel
mailing list