Full Disclosure mailing list archives

Macromedia provided wrong "Solution" in mpsb02-08
From: Liu Die Yu <liudieyu () umbrella name>
Date: Sun, 28 Nov 2004 20:20:48 +0800

There exists a sentence in the "Solution" part of mpsb02-08 located at
For example, if the main page is served from macromedia.com, the wrapper page could be served from external.macromedia.com, and this would prevent any Macromedia Flash movies inside the wrapper page from accessing data associated with macromedia.com.

I think:
"Macromedia Flash movies inside the wrapper page" got document.domain equal to "external.macromedia.com", then they can invoke "getURL" to set document.domain equal to "macromedia.com", and start "accessing data associated with macromedia.com".


I was putting a Flash tour on editive.com, and would like Flash content hosted on to read the editive.com cookie (where the language settings are stored). During googling, I came across this mistake in mpsb02-08.


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
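
The hostname relationship discussed in this post, as an added example that is not part of the original message or of Macromedia's bulletin: a JavaScript model of the HTML standard's `document.domain` setter check and origin-domain comparison, usable to test whether a wrapper hostname is actually separated from the main site. The function names and the small `PUBLIC_SUFFIXES` set are assumptions made for illustration.

```javascript
// Added example: models the HTML standard's document.domain rules.
// PUBLIC_SUFFIXES is a constructed stand-in for the real Public Suffix List.
const PUBLIC_SUFFIXES = new Set(["com", "net", "org", "uk", "co.uk"]);

// Setter check: the new value must equal the current effective domain or be
// a parent of it, and must not be a bare public suffix.
function canSetDocumentDomain(effectiveDomain, newValue) {
  const host = effectiveDomain.toLowerCase();
  const value = newValue.toLowerCase();
  if (value === "" || PUBLIC_SUFFIXES.has(value)) return false;
  return host === value || host.endsWith("." + value);
}

// Every value a document served from `host` is allowed to relax to.
function relaxTargets(host) {
  const labels = host.toLowerCase().split(".");
  return labels
    .map((_, i) => labels.slice(i).join("."))
    .filter((candidate) => canSetDocumentDomain(host, candidate));
}

// Domains both hosts can relax to. A non-empty result means serving the
// wrapper from wrapperHost does not, by hostname alone, separate it from mainHost.
function sharedRelaxTargets(mainHost, wrapperHost) {
  const wrapper = new Set(relaxTargets(wrapperHost));
  return relaxTargets(mainHost).filter((d) => wrapper.has(d));
}

// Origin-domain comparison used for cross-document script access: schemes
// must match, and either both documents set document.domain to the same
// value, or neither set it and host and port match exactly.
function sameOriginDomain(a, b) {
  if (a.scheme !== b.scheme) return false;
  if (a.domain !== null && b.domain !== null) return a.domain === b.domain;
  if (a.domain === null && b.domain === null) {
    return a.host === b.host && a.port === b.port;
  }
  return false;
}

// Constructed sample hosts: the bulletin's pair, then an unrelated domain.
console.log(sharedRelaxTargets("macromedia.com", "external.macromedia.com"));
console.log(sharedRelaxTargets("macromedia.com", "wrapper.example.net"));
```

An empty result from `sharedRelaxTargets` is the property to look for when choosing where to host untrusted movies: only a wrapper on an unrelated registrable domain produces it.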
