Eric Raymond wrote:
Here is a sample exploit. It requires you to trick the user into
clicking a link. But if you can do that some percent of the time,
with the aid of a flash decompiler to explore the app, you might be
able to do all sorts of interesting things.
Thanks, Eric. I suspect one
Semantics aside, flex applications tend to promote a type of
interaction that the majority of flash applications (in general) do not.
FYI, I mispoke hugely. The offending command is asfunction, not
fscommand.
Here is a sample exploit. It requires you to trick the user into
clicking a link.
2 matches
Mail list logo