Pen Testing capabilities of Flash Files

[roger.franks () middleeastadvertising com]

Good Day

Does anyone know of any work/papers/articles where a flash file is covertly used
to pen-test a persons PC's? We have a number of clients for whom we run
advertising campaigns for, who have loads of "extra scripts" enabled in the
flash files, I am talking about stuff like enabling audio which I guess allows
for the ability to listen to peoples audio channels..is this possible or indeed
legal? I guess this is an issue on client side security which I note allows for
such controls.

Roger Franks, Security Manager
Middle East Advertising - AlClick | http://www.middleeastadvertising.com
Dubai, United Arab Emirates | Tel:(9714) 319 7575, Fax: (9714) 319 7573

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.