WebApp Sec mailing list archives
Testing Flash Applications
From: Stefano Di Paola <stefano.dipaola () wisec it>
Date: Mon, 21 May 2007 18:02:04 +0200
During the 6th OWASP AppSec Conference in Italy, I presented a research about testing for security vulnerabilities in Flash applications. Abstract: My work describes several security flaws in Flash Applications and bad habits in ActionScript coding, by analysing real world swf applications flaws and potential vulnerabilities that could lead to client side attacks. A new kind of attack called Cross Site Flashing is also explained. Blog Entry: http://www.wisec.it/sectou.php?id=464dd35c8c5ad Pdf Version: http://www.wisec.it/docs.php?id=5 Swf Version: http://www.wisec.it/docs.php?id=6 Any comment will be really appreciated. Regards, Stefano -- ...oOOo...oOOo.... Stefano Di Paola Software & Security Engineer Owasp Italy R&D Director Web: www.wisec.it ..................
Attachment:
signature.asc
Description: Questa รจ una parte del messaggio firmata digitalmente
Current thread:
- Testing Flash Applications Stefano Di Paola (May 22)