[37547] in bugtraq


Macromedia provided wrong "Solution" in mpsb02-08

daemon@ATHENA.MIT.EDU (Liu Die Yu)
Mon Nov 29 14:14:59 2004

Message-ID: <41A9C2A0.5070401@umbrella.name>
Date: Sun, 28 Nov 2004 20:20:48 +0800
From: Liu Die Yu <liudieyu@umbrella.name>
MIME-Version: 1.0
To: bugtraq@securityfocus.com, ntbugtraq@securityfocus.com,
        full-disclosure@lists.netsys.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

There is a sentence in the "Solution" part of mpsb02-08, located at
http://www.macromedia.com/devnet/security/security_zone/mpsb02-08.html
-----
For example, if the main page is served from macromedia.com, the wrapper 
page could be served from external.macromedia.com, and this would 
prevent any Macromedia Flash movies inside the wrapper page from 
accessing data associated with macromedia.com.
-----

I think:
"Macromedia Flash movies inside the wrapper page" have document.domain 
equal to "external.macromedia.com"; they can then invoke "getURL" to set 
document.domain equal to "macromedia.com", and start "accessing data 
associated with macromedia.com".

===============

I was putting a Flash tour on editive.com and would like Flash content 
hosted on 209.203.227.117 to read the editive.com cookie (where the 
language settings are stored). While googling, I came across this mistake 
in mpsb02-08.

http://editive.com/referrer
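Added example, not part of the original post: a small model of how document.domain relaxation changes the browser's same-origin check, written to show why serving the wrapper page from a subdomain of the main page's domain does not isolate it. The check follows the HTML Standard's current "same origin-domain" rule (both documents must set document.domain; one side opting in alone is not enough); the hostnames, ports and the tiny stand-in public-suffix list are assumptions for illustration only, and the mpsb02-08 scenario is modelled as the author describes it, with the wrapper's script setting document.domain to "macromedia.com".

```javascript
// Added example (not from the original post or from Macromedia): a model
// of document.domain relaxation and the resulting same-origin-domain check.
// Hostnames, ports and PUBLIC_SUFFIXES below are assumptions for illustration.

// Minimal stand-in for the Public Suffix List: a document may never set
// document.domain to one of these (real browsers consult the full list).
const PUBLIC_SUFFIXES = new Set(["com", "net", "org", "co.uk"]);

// A document: its real origin plus the "domain" value set via document.domain.
function makeDocument(scheme, host, port) {
  return { scheme, host, port, domain: null };
}

// Model of the document.domain setter. Returns true on success and throws
// (browsers raise SecurityError) when the value is not a suffix of the
// document's current effective domain or is a public suffix.
function setDocumentDomain(doc, value) {
  const v = value.toLowerCase().replace(/\.$/, "");
  const current = doc.domain ?? doc.host; // relaxation is relative to the effective domain
  if (v !== current && !current.endsWith("." + v)) {
    throw new Error("SecurityError: " + value + " is not a suffix of " + current);
  }
  if (PUBLIC_SUFFIXES.has(v)) {
    throw new Error("SecurityError: " + value + " is a public suffix");
  }
  doc.domain = v;
  return true;
}

// Same origin-domain: if neither document set document.domain, compare the
// full origin (scheme, host, port). If both did, compare scheme and the chosen
// domain only; the port is ignored. If only one side set it, they are not same origin.
function sameOriginDomain(a, b) {
  if (a.domain === null && b.domain === null) {
    return a.scheme === b.scheme && a.host === b.host && a.port === b.port;
  }
  if (a.domain !== null && b.domain !== null) {
    return a.scheme === b.scheme && a.domain === b.domain;
  }
  return false;
}

// The mpsb02-08 layout: main page on macromedia.com, wrapper page on
// external.macromedia.com. Script in the wrapper (e.g. run from a movie via
// getURL("javascript:document.domain='macromedia.com'")) relaxes its domain.
// Returns whether the wrapper is now same origin-domain with the main page.
function advisoryScenario(mainPageAlsoRelaxes) {
  const main = makeDocument("http", "macromedia.com", 80);
  const wrapper = makeDocument("http", "external.macromedia.com", 80);
  setDocumentDomain(wrapper, "macromedia.com");
  if (mainPageAlsoRelaxes) setDocumentDomain(main, "macromedia.com");
  return sameOriginDomain(main, wrapper);
}

// Relaxations the setter must refuse: a public suffix, an unrelated domain,
// and a domain that merely contains the real hostname as a prefix.
function rejectedRelaxations() {
  const results = {};
  for (const target of ["com", "evil.com", "macromedia.com.evil.com"]) {
    const doc = makeDocument("http", "external.macromedia.com", 80);
    try {
      setDocumentDomain(doc, target);
      results[target] = "allowed";
    } catch (e) {
      results[target] = "rejected";
    }
  }
  return results;
}

console.log("both sides relax:", advisoryScenario(true));   // true
console.log("wrapper only:", advisoryScenario(false));      // false
console.log(rejectedRelaxations());
```

The point the model makes explicit: a subdomain is inside the set of domains its documents may relax to, so "external.macromedia.com" is not an isolation boundary against "macromedia.com" the way a genuinely separate registrable domain (or an origin that never calls document.domain) would be.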
