Macromedia Flash Undocumented Action File Access Vulnerability

Mar 08, 2002

An issue has been reported in Flash, which could allow for a remote user to access known local files. The undocumented FSCommand 'exec' action is used to execute external applications. In order to utilize this command, the absolute path to the requested application must be argumented. As a result an attacker could compose a malicious swf file and access a known file residing on the user's system.

Latest ColdFusion Talk (CF-Talk)

Checking arrays for any values
Preserve HTML format when inserting into HTML
CFParam vs IsDefined
Moving to Apache
Bind issues - observation
Authorization and Security for a web service
mySQL data types - possible db bloat with text type? yes or no?
Need some fresh eyes on an application
getting server name
Windows 2008 r2 server(64 bit ) and Web services

Latest ColdFusion Jobs (CF-Jobs)

ColdFusion Programmer - Full Time Job in North Brunswick, NJ
Cold Fusion Engineer Opportunity in Washington DC
Looking for Sr ColdFusion Developer - Washington, DC - Fed Project - Only GC & US Citizen are eligible!
Senior ColdFusion Developer - Los Angeles (Revised)
Coldfusion Developer - Los Angeles, CA
Cold Fusion - Jacksonville, FL
ColdFusion Developer Temp to Perm Benefits Navy Yard, VA Will Get TS/SCI
Cleared DC ColdFusion Developer Temp to Perm Benefits
Boston Sr ColdFusion Developer 1 year- perm FT Benefits vacation etc
Senior Coldfusion Developer - POLITICO - Arlington, VA

Want a number like 800-ColdFusion?

My Toll Free 800 Number provides a vanity phone number service to clients who want more than just digits. How would you like 800-coldfusion?