¡à °³¿ä
  o Adobe Flash PlayerÀÇ ¿ø°ÝÄÚµå½ÇÇà ¹× Å©·Î½º»çÀÌÆ®°ø°Ý º¸¾È Ãë¾àÁ¡ ÇØ°á ¹öÀüÀÌ
    ¹ßÇ¥µÊ[1]
  o Á¶ÀÛµÈ Ç÷¡½¬ ÆÄÀÏ(.swf, .flv)·Î ÀÎÇÏ¿© Ãë¾à ¹öÀüÀÇ Flash Player »ç¿ëÀÚ´Â ÇÇ½Ì ¹×
    ¾Ç¼ºÄÚµå °¨¿°µîÀÇ ÇÇÇظ¦ ÀÔÀ» ¼ö ÀÖÀ½À¸·Î »ç¿ëÀÚÀÇ ÁÖÀÇ ¹× ÃֽŹöÀü ¼³Ä¡°¡ ±Ç°íµÊ

¡à ÇØ´ç ÇÁ·Î±×·¥
  o Adobe Flash Player 9.0.45.0 ÀÌÇÏ ¹öÀü
  o Adobe Flash Player 8.0.34.0 ÀÌÇÏ ¹öÀü
  o Adobe Flash Player 7.0.69.0 ÀÌÇÏ ¹öÀü

¡à ¼³¸í
  o ´ÙÀ½°ú °°Àº Adobe Flash PlayerÀÇ Ãë¾àÁ¡ÀÌ °ø°³µÈ »óÅÂÀÓ
   - CVE-2007-3456[2]: ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡
     ¡Ø Adobe Flash Player 9.0.45.0 ÀÌÇÏ ¸ðµç ¹öÀü ¿µÇâ
   - CVE-2007-3457[3]: Å©·Î½º»çÀÌÆ® ¿äû À§Á¶(CSRF:Cross-Site Request Forgery) Ãë¾àÁ¡
     ¡Ø Adobe Flash Player 8.0.34.0 ÀÌÇÏ ¹öÀü ¿µÇâ
   - CVE-2007-2022[4]: Opera ¹× Konqueror ºê¶ó¿ìÀú¿¡ »ç¿ëµÈ Flash Player ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡
     ¡Ø Adobe Flash Player 7.0.69.0 ÀÌÇÏ ¹öÀü
  o »ó±â Ãë¾àÁ¡À» ÀÌ¿ëÇÏ¿© Á¶ÀÛµÈ Ç÷¡½¬ ÆÄÀÏÀÌ »ðÀÔµÈ È¨ÆäÀÌÁö³ª À̸ÞÀÏÀ» Ãë¾à¹öÀü
    »ç¿ë ÇÇÇØÀÚ°¡ ¹æ¹® ¶Ç´Â Àо °æ¿ì ÇÇ½Ì ¹× ¾Ç¼ºÄÚµå °¨¿° µî ÇÇÇظ¦ ÀÔÀ» ¼ö ÀÖÀ½

¡à ÇØ°á¹æ¾È
  o Ãë¾àÁ¡ÀÌ º¸¿ÏµÈ ÃֽŠ¹öÀü ¼³Ä¡[5]
  o Ãë¾àÁ¡ÀÌ ÀÖ´Â ±¸¹öÀüÀÇ ÇÁ·Î±×·¥ ÀÌ¿ëÀÚ´Â ÇÇÇظ¦ ÁÙÀ̱â À§ÇÏ¿© ´ÙÀ½°ú °°ÀÌ ¾ÈÀüÇÑ ºê¶ó¿ì¡
    ½À°üÀ» ÁؼöÇØ¾ß ÇÔ
   - ½Å·ÚµÇÁö ¾ÊÀº À¥»çÀÌÆ® ¹æ¹® ¹× À̸ÞÀÏ ¿­¶÷ ÁÖÀÇ
   - °³ÀιæÈ­º®°ú ¹é½ÅÁ¦Ç°ÀÇ »ç¿ë µî

¡à Âü°í»çÀÌÆ®
  [1] http://www.adobe.com/support/security/bulletins/apsb07-12.html
  [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3456
  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3457
  [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2022
  [5] http://www.adobe.com/kr/products/flashplayer

[Âü °í]

1. ¿ë¾î Á¤¸®
  o Adobe Flash Player : AdobeÞä°¡ °³¹ßÇÑ Flash ÆÄÀÏ Àç»ý ÇÁ·Î±×·¥
  o Flash : À̹ÌÁö, À½¼º ¹× µ¿¿µ»ó µîÀ» ÇϳªÀÇ ÆÄÀÏ ÇüÅ·ΠÀúÀåÇÏ´Â ¸ÖƼ¹Ìµð¾î µ¥ÀÌÅÍ Çü½Ä
  o Å©·Î½º»çÀÌÆ® ¿äû À§Á¶(CSRF:Cross-Site Request Forgery) : ÀÌ¿ëÀÚ°¡ ÀǵµÇÏÁö ¾ÊÀº HTTP
    ¿äûÀ» º¸³»´Â Ãë¾àÁ¡

2. ±âŸ ¹®ÀÇ»çÇ×
  o Çѱ¹Á¤º¸º¸È£ÁøÈï¿ø ÀÎÅͳÝħÇØ»ç°í´ëÀÀÁö¿ø¼¾ÅÍ : ±¹¹ø¾øÀÌ 118