Cross-site Scripting (XSS) in Shockwave Files

From TrustWiki

Cross Site Scripting (XSS) in Common Shockwave Files

Rich Cannings [1] has authored a paper titled "XSS Vulnerabilities in Common Shockwave Flash Files".
Critical vulnerabilities exist in a large number of widely used web authoring tools that automatically generate Shockwave Flash (SWF) files, such as Adobe (r) Dreamweaver (r), Adobe Acrobat (r) Connect (tm) (formerly Macromedia Breeze), InfoSoft FusionCharts, and Techsmith Camtasia. The flaws render websites that host these generated SWF files vulnerable to Cross-Site Scripting (XSS).

Retrieved from "http://www.seamlesstrust.org/trustwiki/index.php/Cross-site_Scripting_%28XSS%29_in_Shockwave_Files"

Views

Page
Discussion
View source
History

Personal tools

Search

Toolbox

What links here
Related changes
Upload file
Special pages
Printable version
Permanent link