Quote

Release date: February 11, 2010

A critical vulnerability has been identified in Adobe Flash Player version 10.0.42.34 and earlier. This vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests.

Affected software versionsAdobe Flash Player 10.0.42.34 and earlier versions
Adobe AIR 1.5.3.1920 and earlier versions

download page
ZIP package

For most of you the below instruction is superfluous but nevertheless it might be useful for some noobs.

Extract the content of the zip.
Among the extracted files you will find the standalone player and the file "Install Flash Player 10 Plugin.exe".
You can now extract from the latter the browser plugin (NPSWF32.dll) bei using UniExtract or 7z.



Edited 1 time(s). Last edit at 02/14/2010 08:25AM by disrupted.

http://www.adobe.com/support/security/bulletins/apsb10-06.html

"the attacker would be able to execute a general class of cross-site request forgery type of attacks..."

This is an off-cycle patch. Normally Adobe only patches quarterly.

N

http://www.adobe.com/software/flash/about/

Adobe Flash 10,0,45,2 released is a security update


At the very least, you should update your NPSWF32.DLL file in KM's Plugins folder.

N

flashswitcher has been updated to latest 10.0.45.2 (available from web dev page). flashplugin(standalone) has been updated available from browser plugins page.

as always the npswf32.dll has been hexed to enable saving embedded videos in the tmp directory as *.tmp files instead of getting deleted as soon as the video has stop playing
http://kmext.sf.net/scripts/hexingflash

special thanks to andy from ferretsofthttp://ferretsoft.active.ws/ for the tip

disrupted,

I don't know what hex program you use, but I use an old DOS one.

So when you find this hex string:

14 6A 02 6A 00

you patch it by changing it to:

10 6A 02 6A 01

At least that is what I think you do??? Am I close or???

Tks.

N

Thanks for the info Yogi.

For the dwindling numbers of 9x users, the flash9-plugin has been updated too:
http://kb2.adobe.com/cps/406/kb406791.html

The "Netscape" one is for KM. The download is an exe-file but can simply be unzipped with 7zip, to get the new plugin NPSWF32.dll (version 9-0-262-0)

Quote
ndebord
disrupted,

I don't know what hex program you use, but I use an old DOS one.

So when you find this hex string:

14 6A 02 6A 00

you patch it by changing it to:

10 6A 02 6A 01

At least that is what I think you do??? Am I close or???

Tks.

Disrupted may confirm me or not.
As far as I can see you are right
You can verify the MD5 of your patched file with that of Disrupted's one.
The tool he used is AXE.

You can use several freeware editors for this purpose. HEXEdit comes to my mind but it's just one of many.



Edited 1 time(s). Last edit at 02/14/2010 10:16PM by Yogi.

Quote
Yogi


Disrupted may confirm me or not.
As far as I can see you are right
You can verify the MD5 of your patched file with that of Disrupted's one.
The tool he used is AXE.

You can use several freeware editors for this purpose. HEXEdit comes to my mind but it's just one of many.

Yogi,

Thanks... just wanted to make sure. As for the hex editor, I use a very old one.

dBUG V 2.0 (c) 1984,1988 William Schroeder

N

there's no need to hex out the flash plugin if you've downloaded it or flash switcher from kmext..they have been hexed already, it was just a reference for the future if anyone needs it

that was an ancient abandonware version of axe which still works great, it comes with own free serial but there's not much point cause there are many good freeware alternatives now.

this is what i normally use:
http://www.mitec.cz/hex.html

Quote
disrupted(unlogged)
there's no need to hex out the flash plugin if you've downloaded it or flash switcher from kmext..they have been hexed already, it was just a reference for the future if anyone needs it

that was an ancient abandonware version of axe which still works great, it comes with own free serial but there's not much point cause there are many good freeware alternatives now.

this is what i normally use:
http://www.mitec.cz/hex.html

disrupted,

Yes, I did use your patched version at first, then I got bored and decided to patch one myself, just to see if it would work!

N

Mmmmh... I don't have this .dll in plugins folder of KM. Player Flash works smoothly! ???

I extracted NPSWF32.dll and I copied it in KM plugins folder, but, (from about:plugins) KM always use old version (r42):

Quote
about:plugins
Shockwave Flash

File name: NPSWF32.dll
Shockwave Flash 10.0 r42

I see this file is in Windows' directory.
Maybe I have to overwrite this file?

Thanks.

that's not right, kmeleon or any gecko will never use the global plugin if it finds one in its plugins folder.. did you try to replace the plugin when the browser was running? you can not replace a dll when it's been called like a flash website.

try again, make sure the browser is closed(including loader if applicable), replace the dll and make sure it was over-written, you can check that by right clicking on npswf.dll and checking the versions in porperty sheet

also do this, go to about:config and search for this pref:
plugin.expose_full_path
set it to true

open about plugins page(help>about plugins)
and see the path for the npswf32.dll..it should be pointing to the one in your plugins folder

Quote
disrupted
[...] try again, make sure the browser is closed(including loader if applicable)[...]

Thanks, disrupted, I was a fool: the problem was that I did it with KM open!

Quote
disrupted
...also do this, go to about:config and search for this pref:
plugin.expose_full_path
set it to true

I didn't know this trick: now I can see full path.
Sorry, but I'm novice user of KM.

Thanks again.