File: gardening.swf-(4.65 MB, 320x240, Other)
[_] new flash vuln, no patch, leave /f/ WARNING 07/07/15(Tue)23:12:25 No.2837700
There's a new 0-day flash vulnerability adobe hasn't patched yet. It's already being used for
crypto-locker ransom-ware, and affects all desktop OSs. Best not to use /f/ until it's all blown
over.
https://helpx.adobe.com/security/products/flash-player/apsa15-03.html
Marked for deletion (old).
>> [_] Anonymous 07/07/15(Tue)23:40:08 No.2837726
Did you make sure to put it in this flash file? I'll be disappointed if it's not.
>> [_] Anonymous 07/08/15(Wed)00:28:33 No.2837760
>>2837726
It is.
The trouble happens at the point he blows smoke at the cactus. There's a buffer overflow it tries
to execute. The worst part is Chrome and Firefox users won't see this, and upon success a bit of
mp3 substream data is leaked executing as shellcode and some ports are opened for probably
phone-home or marching orders or something.
Only Internet Exploder will choke if the overflow happens. Lucky fagnits.
Keep reposting this, should get interesting.
>> [_] Anonymous 07/08/15(Wed)01:07:06 No.2837783
>>2837760
opening ports in what? windows firewall?
>behind hardware firewall
get on my level /f/aggots
>> [_] Anonymous 07/08/15(Wed)02:13:41 No.2837823
>>2837783
No, not in Windows Failwall.
can't tell without capturing the embedded command stream - prolly wants to mimic admin and
rewrite SPI rules to allow 22 and 23 (would expect) and 514 & 6622, whatever they are.
>> [_] Anonymous 07/08/15(Wed)02:15:57 No.2837825
I Don't know why, but this guys Vids make me kek every time
>> [_] Anonymous 07/08/15(Wed)02:20:49 No.2837830
>>2837700
Ya see, Adobe this is why people want to get rid of you.
I MEEAANN
YA KNOOW
