[Bypassing JavaScript Filters - the Flash! Attack]

From: Obscure (obscureat_private)
Date: Wed Jun 05 2002 - 14:28:39 PDT

Next message: Peter Gründl: "KPMG-2002019: BlackICE Agent not Firewalling After Standby"

Previous message: finelliat_private: "Some vulnerabilities in the Telindus 11xx router series"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Note: Sorry for cross posting - but I think this concerns various discussion
lists.

[ Bypassing JavaScript Filters - the Flash! Attack ]

In this paper we will be describing a loophole, with security
implications, found in many web-sites that allow Flash documents to be
embedded within HTML, or uploaded to the server. We will be describing
how Web application developers make use of complex filters for HTML
pages but tend to trust Flash content, and as a result introduce a
security issue.

More details:
http://eyeonsecurity.net/papers/

-- 
Best regards,
 Obscure                          mailto:obscureat_private

------------------------------
   http://eyeonsecurity.net 
------------------------------

Next message: Peter Gründl: "KPMG-2002019: BlackICE Agent not Firewalling After Standby"
Previous message: finelliat_private: "Some vulnerabilities in the Telindus 11xx router series"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jun 05 2002 - 15:04:35 PDT