Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: Poor Flash Design Decisions Put Users at Risk

18 Nov 2009   #1

Windows 7 ultimate 32bit OEM 6.1 Build7600
 
 
Poor Flash Design Decisions Put Users at Risk

Poor Flash Design Decisions Put Users and Websites at Risk

A security researcher stresses, despite of Adobe's rebuttal


Quote:
Adobe has recently rebutted the claims of a security researcher, according to whom a design flaw in the way Flash Player executes SWF files can put websites accepting user uploads at risk. The professional now says the company totally missed the point and that its expectations of webmasters to address this are completely unrealistic.

Almost two weeks ago, we reported about the security risks of misconfigured crossdomain.xml files. These files contain rules for Flash's cross-domain access policy. However, more recently, a security researcher named Mike Bailey has exposed an ever more dangerous issue with Flash's same origin policy.

A same origin policy is a security model according to which a script being executed from a domain can only access resources on the same domain. Mr. Bailey claimed that, while this held true for JavaScript, it differed when it came to ActionScript, the scripting language of Flash. The researcher has actually identified two separate design choices the Flash developers made, which, in his opinion, are flawed and open the door for various cross-site-scripting-like attacks.
full story
Poor Flash Design Decisions Put Users and Websites at Risk - A security researcher stresses, despite of Adobe's rebuttal - Softpedia

My System SpecsSystem Spec
.

Reply

 Poor Flash Design Decisions Put Users at Risk





Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:26 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33