« previous next »
Pages: [1]   Go Down

Author Topic: Are SWF (shock wave) files threats?  (Read 3270 times)

0 Members and 1 Guest are viewing this topic.

harrys

  • Guest
Are SWF (shock wave) files threats?
« on: December 12, 2008, 12:05:58 AM »
I was googling for garage door sensors last night and also watching the local online news station, and sometime in that time frame, the Avast siren went off.  The suspect file had an swf extension and was in the My_Documents/Application Data/Temp folder. I am guessing Avast picked it up when I enabled a script from a website as no scans were scheduled. Perhaps it was an FP from the news site or it was a bad guy from the garage sites? I had to enable a few scripts in Firefox to see the catalogs.  Beats me.

I thought shock wave files, if that's what it was, can't do much harm?

I didn't save it so I can't submit it for a 3rd part analysis. I always reload my OS from a backup image when things are suspect, so it's gone.

Just thought I'd ask.

Harry


« Last Edit: December 12, 2008, 12:08:10 AM by harrys »
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89061
  • No support PMs thanks
Re: Are SWF (shock wave) files threats?
« Reply #1 on: December 12, 2008, 12:28:16 AM »
There are vulnerabilities in old versions of the shockwave player so a swf file could I guess be crafted to exploit the vulnerability in the player and avast is detecting that exploit attempt.

Ensure you have the latest shockwave player version.

Visit this site http://secunia.com/software_inspector/, it requires JAVA and it checks for old vulnerable versions of some software.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: Are SWF (shock wave) files threats?
« Reply #2 on: December 12, 2008, 12:33:07 AM »
Oh yeah, swf (flash) files are commonly exploited nowadays...
If you have an up-to-date flash plugin, you should be safe but that doesn't change anything on the fact that the swf file itself may be compromised.
Logged
If at first you don't succeed, then skydiving's not for you.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89061
  • No support PMs thanks
Re: Are SWF (shock wave) files threats?
« Reply #3 on: December 12, 2008, 02:00:21 AM »
Thanks for the feedback Vlk.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

harrys

  • Guest
Re: Are SWF (shock wave) files threats?
« Reply #4 on: December 12, 2008, 04:12:23 PM »
Thanks all for the information.  My shockwave and flash players had been updated prior to the discovery. What bums me out is picking up the file in the first place. I use Firefox 3 with noscript and usually look at the siteadvisor ratings in Google. Must have slipped up somewhere.



Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89061
  • No support PMs thanks
Re: Are SWF (shock wave) files threats?
« Reply #5 on: December 12, 2008, 05:45:09 PM »
Ratings are subjective and really should be considered advisory, I prefer the WOT add-on for rating the google searches.

NoScript does block flash by default, but once you allow the site you allow flash or if you click on the flash button to display/run it so it too isn't a total protection option.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
Pages: [1]   Go Up
« previous next »