Hi malware fighters,
It is possible to take over any browser within an accepted domain via a serious security hole combining Adobe Flash and Java. “Flash enables you to talk with everyone. So Adobe has rebuild the “same origin security model” so the site you visit has the same name. An attacker posing as at such a site, can do whatever he wants to do”, according to Dan Kaminsky. The hacker knew to abuse the vulnerability through a programing language from 1995.
“Every browser is the bug. Every browser is a proxy, every browser is a helpful spammer, every browser can be used for clickfraud”, as the researcher lets us know. Everything can be exploited from network to routers for attacks from inside a domain. Adobe is brooding on a fix, but Sun has not commented yet. See: http://blog.wired.com/27bstroke6/2007/10/why-hackers-lov.html
polonus