CNET site compromised by malware

Technology news site CNET has been compromised and is hosting malware, according to a security alert issued by a web monitoring company.

The Javascript code is hosted in the Clientside Developer Blog and will attempt to get on visitors' computers by inserting itself through improperly patched browsers using an iFrame attack.

The malware uses a known integer overflow vulnerability in Adobe Flash.

Software that is vulnerable includes Adobe Flash Player, 9.0.115.0, and previous, Adobe Flex 3.0 and Adobe, AIR, 1.0.