Message-ID: <41A9C2A0.5070401@umbrella.name>
Date: Sun, 28 Nov 2004 20:20:48 +0800
From: Liu Die Yu <liudieyu@...rella.name>
To: bugtraq@...urityfocus.com, ntbugtraq@...urityfocus.com,
   full-disclosure@...ts.netsys.com
Subject: Macromedia provided wrong "Solution" in mpsb02-08


There is a sentence in the "Solution" part of mpsb02-08, located at
http://www.macromedia.com/devnet/security/security_zone/mpsb02-08.html
-----
For example, if the main page is served from macromedia.com, the wrapper 
page could be served from external.macromedia.com, and this would 
prevent any Macromedia Flash movies inside the wrapper page from 
accessing data associated with macromedia.com.
-----

I think:
"Macromedia Flash movies inside the wrapper page" get document.domain 
equal to "external.macromedia.com"; they can then invoke "getURL" to set 
document.domain equal to "macromedia.com", and start "accessing data 
associated with macromedia.com".

===============

I was putting a Flash tour on editive.com, and would like Flash content 
hosted on 209.203.227.117 to read the editive.com cookie (where the language 
settings are stored). While googling, I came across this mistake in 
mpsb02-08.

http://editive.com/referrer

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
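Added example (not part of the original mail, the advisory, or any Macromedia code): a small Node.js model of the document.domain relaxation rule that the post argues defeats the wrapper-page "solution". The hostnames and page roles come from the quoted advisory text; the `Frame` class, the `canScript` check and the two policy modes are constructs of this example, not browser internals. The "legacy" mode models the 2004-era rule (equal effective domains suffice), which is the rule the mail relies on; the "strict" mode adds the later browser refinement that both documents must have explicitly set document.domain before a relaxed value counts. Public suffixes are approximated by "must contain a dot", which is enough for .com but not for suffixes such as co.uk; real browsers consult the Public Suffix List.

```javascript
"use strict";

// document.domain may be set only to the frame's own host or to a parent
// domain of it that sits on a label boundary. The "must contain a dot" test
// is a stand-in for a public-suffix check (an assumption of this example).
function canRelaxDomain(host, requested) {
  if (requested === host) return true;
  return requested.includes(".") && host.endsWith("." + requested);
}

class Frame {
  constructor(name, host) {
    this.name = name;
    this.host = host;          // host the document was actually served from
    this.domain = host;        // effective document.domain
    this.domainWasSet = false; // later browsers track this flag
  }
  // Equivalent of `document.domain = value`, whether issued from page
  // JavaScript or, as the mail describes, from a Flash movie via getURL.
  setDocumentDomain(value) {
    if (!canRelaxDomain(this.host, value)) {
      throw new Error(`${this.name}: cannot set document.domain to "${value}" from ${this.host}`);
    }
    this.domain = value;
    this.domainWasSet = true;
  }
}

// Same-origin decision between two frames (scheme and port ignored here).
//  "legacy": equal effective domains are enough.
//  "strict": additionally, both frames must have set document.domain, or neither.
function canScript(a, b, mode) {
  if (a.domain !== b.domain) return false;
  if (mode === "strict" && a.domainWasSet !== b.domainWasSet) return false;
  return true;
}

// The advisory's scenario: main page on macromedia.com, untrusted Flash
// inside a wrapper page served from external.macromedia.com.
function wrapperScenario(mode) {
  const mainPage = new Frame("main", "macromedia.com");
  const wrapper = new Frame("wrapper", "external.macromedia.com");
  // Isolated as the advisory intends: different hosts, different origins.
  const before = canScript(wrapper, mainPage, mode);
  // The movie relaxes its own document's domain up to the parent domain.
  wrapper.setDocumentDomain("macromedia.com");
  const after = canScript(wrapper, mainPage, mode);
  return { before, after };
}

// Under the strict rule the wrapper alone cannot reach the main page; the
// main page must itself opt in by assigning document.domain too.
function strictWithOptIn() {
  const mainPage = new Frame("main", "macromedia.com");
  const wrapper = new Frame("wrapper", "external.macromedia.com");
  wrapper.setDocumentDomain("macromedia.com");
  mainPage.setDocumentDomain("macromedia.com"); // same as its host, but sets the flag
  return canScript(wrapper, mainPage, "strict");
}

console.log("legacy rule:", wrapperScenario("legacy"));
console.log("strict rule:", wrapperScenario("strict"));
console.log("strict rule, main page opts in:", strictWithOptIn());
```

Under the legacy rule the run shows exactly the mail's point: access is denied before the relaxation and allowed after it, so moving the wrapper to a subdomain buys nothing. The practical takeaway is that untrusted content must be hosted on an entirely different registrable domain, not a sibling or child of the domain whose data it must not touch, and that the main page should never assign document.domain itself.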

