Rapid7 Vulnerability & Exploit Database

ActionScript Insecure Crypto

Back to Search

ActionScript Insecure Crypto

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
03/11/2005
Created
07/25/2018
Added
02/14/2010
Modified
06/20/2013

Description

A poor development practice was discovered due to the presence of specific function or variable name in the remote Adobe Flash application. These are examples of what's identified by the vulnerability check:

  • Usage of the insecure "md5" hashing algorithm to hash usernames or passwords.
  • Usage of obfuscation mechanisms.

Solution(s)

  • spider-actionscript-insecure-crypto

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;