Flash applications run locally can read local files and send them to an online server - something which the sandbox is supposed to prevent. Flash includes a number of sandboxes which impose restrictions depending on the origin of, and access rights for, the SWF file. Local SWF files, for example, run within the local-with-file-system sandbox, are permitted to access local files. They are not able to access the network, so a malicious SWF applet should not be able to send local data to a remote server. However, an H Security specialist has determined that Adobe controls access to the network using a blacklist of protocol handlers. Protocols such as HTTP and HTTPS are blacklisted. He reports it is in principle possible to send files to a server using the file: protocol handler, but that this is only possible within the local area network. He has identified another protocol handler which can be used to send data to remote servers - mhtml.
Source: http://www.h-online.com/security/news/item/Flash-Player-sandbox-can-bebypassed-%201164376.html
No comments:
Post a Comment