Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] Macromedia provided wrong "Solution" in mpsb02-08

from [Liu Die Yu] Network Security [Permanent Link]
Subject: [Full-Disclosure] Macromedia provided wrong "Solution" in mpsb02-08
Date: Sun, 28 Nov 2004 20:20:48 +0800
there exists a sentence in the "Solution" part of mpsb02-08 located at
http://www.macromedia.com/devnet/security/security_zone/mpsb02-08.html
-----
For example, if the main page is served from macromedia.com, the wrapper page could be served from external.macromedia.com, and this would prevent any Macromedia Flash movies inside the wrapper page from accessing data associated with macromedia.com.
-----

i think:
"Macromedia Flash movies inside the wrapper page" got document.domain equal to "external.macromedia.com", then they can invoke "getURL" to set document.domain equal to "macromedia.com", and start "accessing data associated with macromedia.com".

===============

i was putting a flash tour on editive.com, and would like flash content hosted on 209.203.227.117 to read editive.com cookie(where the language settings are stored). during googling, i came across this mistake in mpsb02-08.

http://editive.com/referrer

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-Disclosure] Macromedia provided wrong "Solution" in mpsb02-08, Liu Die Yu <=
Previous by Date:  Microsoft Help ActiveX Control Related Topics Local Content Accessing Vulnerability, Paul
Next by Date:  [Full-Disclosure] Address Bar Spoofing on Double Byte Character Set Locale Vulnerability (CAN-2004-0844) Patched in MS04-038, Liu Die Yu
Previous by Thread:  Microsoft Help ActiveX Control Related Topics Local Content Accessing Vulnerability, Paul
Next by Thread:  [Full-Disclosure] Address Bar Spoofing on Double Byte Character Set Locale Vulnerability (CAN-2004-0844) Patched in MS04-038, Liu Die Yu
Indexes:  [Date] [Thread] [Top] [All Lists]