• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Swfdec Untrusted Sandbox Remote Information Disclosure Vulnerability

Swfdec is prone to a remote information-disclosure vulnerability because the software fails to securely implement restricted sandboxes for Macromedia Flash animation files.

Successful exploits allow remote attackers to access the contents of arbitrary files located on computers running the affected software. Information harvested may aid in further attacks.

Versions prior to Swfdec 0.6.4 are vulnerable to this issue.