OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Obscure (obscureeyeonsecurity.net)
Date: Wed Jun 05 2002 - 16:28:39 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Note: Sorry for cross posting - but I think this concerns various discussion
    lists.

    [ Bypassing JavaScript Filters - the Flash! Attack ]

    In this paper we will be describing a loophole, with security
    implications, found in many web-sites that allow Flash documents to be
    embedded within HTML, or uploaded to the server. We will be describing
    how Web application developers make use of complex filters for HTML
    pages but tend to trust Flash content, and as a result introduce a
    security issue.

    More details:
    http://eyeonsecurity.net/papers/ 

    -- 
Best regards,
 Obscure                          mailto:obscureeyeonsecurity.net

    ------------------------------
   http://eyeonsecurity.net 
------------------------------