Flash-based XSS Attacks
Critical vulnerabilities exist in a large number of widely used web authoring tools that automatically generate Shockwave Flash (SWF) files, such as Adobe (r) Dreamweaver (r), Abobe Contribute (r), Adobe Acrobat (r) Connect (tm) (formerly Macromedia Breeze), InfoSoft FusionCharts, and Techsmith Camtasia.
These flaws render websites that host these generated SWF files vulnerable to Cross-Site Scripting (XSS).
Cross Site Scripting (XSS) is an attack on users of a web application. If a web application is vulnerable to XSS, and an attacker lures a user of the vulnerable web application to click on a link, then the attacker gains complete control of the user's session in the web application. The attacker can use JavaScript to perform any action on behalf of the user (for example, perform a transaction on an online banking system) or change the way the website appears to the user (for example, perform a phishing attack).
- Blocks Flash (and other plugins) by default when the content comes from an untrusted web site
- Blocks Flash (and other plugins) by default when content from a trusted website is embedded in an untrusted page - this prevents embedded Flash XSS
- Checks cross sites requests for script injection and sanitizes them as needed. This way it prevents reflected XSS, included the Flash variants
Most recent NoScript versions ship with Flash, Silverlight and all the other plugin content handlers (e.g. the Quicktime plugin) disabled by default on unknown sites in order to prevent Flash-based XSS and other plugin-based attacks.
More Info:
http://noscript.net/
http://hackademix.net/2008/01/06/flash-xss-protection-for-users/
Cross-site scripting from Wikipedia
No comments:
Post a Comment