Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Flash flaw potentially makes every webcam or laptop a PEEPHOLE

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as resolved.
mogs Flash flaw potentially makes every webcam or laptop a PEEPHOLE
Expert Contributor 18th Jun, 2013 21:15
Ranking: 2265
Posts: 6,266
User Since: 22nd Apr, 2009
System Score: 100%
Location: UK
SECURITY
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
By John Leyden, 18th June 2013

A security flaw thought to have been fixed by Adobe in October 2011 has reappeared thanks to a new vulnerability involving Flash Player browser plug-ins.

The as yet unpatched vulnerability creates a means to seize control of webcams without permission before siphoning off video and audio from victims' PCs. The clickjack-style flaw was uncovered by security consultant Egor Homakov, who developed a harmless proof-of-concept exploit to underline his concerns and push for an early fix.

"This works precisely like regular clickjacking - you click on a transparent flash object, it allows access to Camera/Audio channel. Voila, attacker sees and hears you," Homakov explains in a blog post.

Adobe security team spokeswoman Heather Edell confirmed there was an issue but said it was limited to Flash Player for Google Chrome.

More to read at :-
http://www.theregister.co.uk/2013/06/18/flash_webc...

--

Post "RE: Flash flaw potentially makes every webcam or laptop a PEEPHOLE" has been selected as an answer.
MehulBhai RE: Flash flaw potentially makes every webcam or laptop a PEEPHOLE
Member 19th Jun, 2013 09:04
Score: 36
Posts: 12
User Since: 17th Jul 2011
System Score: N/A
Location: IN
I donot use chrome but it seems they have released an update.
See this http://community.norton.com/t5/Tech-Outpost/Flash-...
Was this reply relevant?
+1
-0
JonAlfred RE: Flash flaw potentially makes every webcam or laptop a PEEPHOLE
Member 19th Jun, 2013 09:51
Score: 7
Posts: 2
User Since: 17th Jun 2013
System Score: N/A
Location: NO
Has just been addressed by Secunia. Vendor patch: Update to version 27.0.1453.116.
Click About Google Chrome.

Secunia Advisory SA53867
Google Chrome Flash Plugin Clickjacking Vulnerability
http://secunia.com/advisories/53867/
Was this reply relevant?
+2
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer