Bop5 Releases A Fix For The Flash Uploader

[Ozzy47]

If you weren't aware an exploit was found in the flash uploader (uploader.swf) file supplied with vBulletin 4.x. This file was part of the Yahoo YUI 2 package and Yahoo will not be fixing the exploit- Yahoo instructs anyone to remove the file since they no longer use Flash.

Officially vBulletin says it is better to replace the file with an empty file of the same name.
Official announcement here: http://www.vbulletin.com/forum/forum...n-uploader-swf

So BirdOPrey5 has released a fix for this but there is some restrictions to it, you can read about it and get it here, http://www.vbulletin.org/forum/showthread.php?t=306915

Read the original news thread here.

 

[Alan_SP]

[MENTION=1]Ozzy47[/MENTION] you made link wrongly. It looks to outside that it points to vborg, but it actually points to vbcom. I needed to select and copy link's text, as clicking doesn't go where it's intended.

 

[Ozzy47]

That's a strange one, I will have to see what's up with that. :confused1: