[25671] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[Bypassing JavaScript Filters - the Flash! Attack]

daemon@ATHENA.MIT.EDU (Obscure)
Wed Jun 5 18:09:01 2002

Date: Wed, 5 Jun 2002 23:28:39 +0200
From: Obscure <obscure@eyeonsecurity.net>
Reply-To: Obscure <obscure@eyeonsecurity.net>
Message-ID: <16356453956.20020605232839@eyeonsecurity.net>
To: bugtraq@securityfocus.com, webappsec@securityfocus.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Note: Sorry for cross posting - but I think this concerns various discussion
lists.

[ Bypassing JavaScript Filters - the Flash! Attack ]

In this paper we will be describing a loophole, with security
implications, found in many web-sites that allow Flash documents to be
embedded within HTML, or uploaded to the server. We will be describing
how Web application developers make use of complex filters for HTML
pages but tend to trust Flash content, and as a result introduce a
security issue.

More details:
http://eyeonsecurity.net/papers/

-- 
Best regards,
 Obscure                          mailto:obscure@eyeonsecurity.net

------------------------------
   http://eyeonsecurity.net 
------------------------------


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[25671] in bugtraq

[Bypassing JavaScript Filters - the Flash! Attack]

daemon@ATHENA.MIT.EDU (Obscure)Wed Jun 5 18:09:01 2002

daemon@ATHENA.MIT.EDU (Obscure)
Wed Jun 5 18:09:01 2002