A newly discovered flaw in the Flash suite could put both users and servers at risk, according to some recent reports. Adobe has verified the hole, which lies inside any Flash-based application that allows people to upload their own content. Though some details are omitted, the flaw would allow someone to upload a malicious Flash object to a site, which in turn would be downloaded and processed by people visiting the site. According to one security expert, any site relying on user uploads through Flash could be vulnerable.

Adobe is contending that it is not entirely their issue. Other active scripting could also be made vulnerable, such as JavaScript or Silverlight, along with any site that relies on these to provide a mechanism for users to upload files. Because of that, Adobe said the problem is not fixable through a Flash update. Instead, it is on the shoulders of administrators whose servers use Flash. Adobe also suggests it is the responsibility of app developers to be security-minded and prevent this sort of thing from happening.

More: http://www.techspot.com/news/36958-dangerous-unpatchable-flaw-discovered-in-adobe-flash.html