XSS Vulnerabilities in Common Shockwave Flash Files

Rich Cannings has published an advisory on the Web Security Mailing List
describing a flaw in common Flash authoring tools that allows XSS. From his advisory:

"THE PROBLEM

Many web authoring tools that automatically generate SWFs insert
identical and vulnerable ActionScript into all saved SWFs or necessary
controller SWFs (think of tools that "save as SWF", "export to SWF",
etc.). The vulnerable ActionScript can be used by attackers to execute
arbitrary JavaScript in the security domain of the website hosting the
SWF.

We were unable to perform an exhaustive review of all authoring tools
that generate SWFs. More XSS issues may exist in the products listed
below and certainly exist in other applications that save to SWF.

We are only reporting XSS vulnerabilities that have been fixed by the
vendors. There are more products vulnerable. We will publish more
information when the vendor releases fixes."

Email Link: http://www.webappsec.org/lists/websecurity/archive/2008-01/msg00001.html