>From the slides, it looks like there are .swfs in the wild compiled with the old, unpatched SDKs. This is not a new vulnerability discovery. It is highly recommended that everyone upgrades their Flex SDK to the latest version: 4.14.1 and recompile all their swfs before deploying.
Thanks, Om On Mon, Nov 23, 2015 at 8:32 AM, mscharp1 <sch...@comcast.net> wrote: > http://securityaffairs.co/wordpress/35234/hacking/adobe-cve-2011-2461.html > > This just got flagged by my company's security group. I don't know if they > actually tested anything or just saw this. Has this been mitigated by > apache's versions of flex? > > Thanks > > > > -- > View this message in context: > http://apache-flex-development.2333347.n4.nabble.com/Does-Apache-s-version-of-Flex-solve-cve-2011-2461-tp50268.html > Sent from the Apache Flex Development mailing list archive at Nabble.com. >
