Date: Mon, 12 Mar 2012 20:35:52 -0700 From: Yuri <yuri@rawbw.com> To: freebsd-emulation@FreeBSD.org Subject: flashplugin11 goes around the proxy: is this considered a significant security vulnerability? Message-ID: <4F5EC098.3000602@rawbw.com>
next in thread | raw e-mail | index | archive | help
I have set up the proxy server on FreeBSD, set it in chrome browser in Ubuntu, and went to the complex flash site playing video. In the middle of the run when htmls loaded but flash didn't yet start to play I killed the proxy. I expected that flash video will fail. But after a while it still plays video from the internet. Obviously, flash 11.1.102.63 ignores the proxy settings and connects directly. Even though ZDNet article http://www.zdnet.com/blog/security/adobe-plugs-dangerous-flash-player-security-holes/5104 claimed that this security vulnerability had been fixed in flash 10 in late 2009. FreeBSD uses very close flash 11 binary (11.1r102.62). So it must suffer from the same vulnerability. Yuri
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F5EC098.3000602>