Having just integrated Macromedia’s Flash Player into its technology portfolio, Adobe issued a “critical” warning, advising Flash Player users to apply an update to prevent a possible denial of service attack.The exploit affects what’s called Flash remoting – essentially the provision of server-based application services via Flash, as opposed to via HTML, Active Server Pages or some other wrapper.

Though an exploit itself has not yet been discovered, Adobe engineers found that a certain form of Flash remoting command sent to ColdFusion servers (another acquired Macromedia technology) triggers an infinite loop process that will not stop itself.

In that state, without the server being able to return to its control program, an attacker could conceivably launch a malicious incursion.
By Scott M. Fulton, III, BetaNews