Description:
Versions Netscape Browser 8.0.3.3 and Netscape 7.2 are vulnerable due to
affected, default Flash Player version included during installation
process. File NPSWF32.dll (Flash v7.0.19.0) is copied to C:\Program
Files\Netscape\Netscape Browser\plugins and C:\Program
Files\Netscape\Netscape\plugins folders.
Affected plugin library file is from July 2005.
Solution:
Update Flash Player to version 8.0.22.0 with browser's Plugin Finder
Service manually.
CVE:
CAN-2005-2628 assigned earlier to Flash Player
It is possible to check the installed Flash version via About / Plugins
feature (Netscape 7.x) or with typing about:plugins to the browser
location bar (Netscape Browser 8.x). File version NPSWF32.dll mentioned
is the version of Macromodeia Flash Player plugin installed.
Method about:plugins works in both of these browsers.
Best regards,
Juha-Matti Laurio, Networksecurity.fi
Security researcher
Finland
http://www.networksecurity.fi/