homepage Welcome to WebmasterWorld Guest from 54.163.72.86
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Code, Content, and Presentation / Flash and Shockwave
Forum Library, Charter, Moderator: open

Flash and Shockwave Forum

    
Adobe/Flash XSS exploit still not fixed
...even after 16 months warning regarding swf files
tangor




msg:3913203
 3:58 am on May 14, 2009 (gmt 0)

More than 16 months after researchers warned that critical vulnerabilities in Adobe Flash files leave websites vulnerable to phishing and other serious attacks, a wide array of pages - some hosted on Adobe.com itself - remain vulnerable.

The problem stems from buggy SWF files that generate banner ads and other animated content. In December 2007, a team of researchers discovered the files could be exploited by attackers to tamper with websites belonging to banks, government agencies and other trusted organizations. Over the next few months, the researchers repeatedly warned webmasters the problem would be difficult to fix, because it would require potentially millions of graphics files to be regenerated, often from scratch.

As reported at The Register

[theregister.co.uk...]

 

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / Flash and Shockwave
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved