Blog | G5 Cyber Security

Researcher Publishes Method for Bypassing Flash Local-with-filesystem Sandbox

A security researcher has published a simple method for bypassing one of the sandboxes that Adobe has implemented to prevent Flash files from taking unwanted or malicious actions on users PCs. Billy Rios s method involves using a specific protocol handler to access a local file and pass the contents to a server controlled by the attacker. Sandboxes have become a popular tool for software vendors who are looking for ways to prevent attackers from using their applications as launching pads for attacks elsewhere on a compromised machine.

Source: https://threatpost.com/researcher-publishes-method-bypassing-flash-local-filesystem-sandbox-010511/74821/

Exit mobile version