10/10/06 Flash + JS + crossdomain.xml = phun
I was browsing Jeremiah Grossman's blog and found an interesting post about a file named crossdomain.xml and its extended uses with regard to cross-site scripting. In a nutshell, crossdomain.xml is a file used by Flash to say 'I am www.domainb.com and I will allow users of www.domaina.com to make requests to me'. Unfortunately, people are misconfiguring their crossdomain.xml file and allowing everybody.

Vulnerable Example:
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain-policy>

Per the Adobe specification:
"Another change to the Flash Player 7 framework is the use of cross-domain policy files. A policy file is a simple XML file that gives the Flash Player permission to access data from a given domain without displaying a security dialog. When placed on a server, it tells the Flash Player to allow direct access to data on that server, without prompting the user to grant access.

The server can be in any location available to the Flash movie and does not have to be in the same domain. Cross-domain policy files, named crossdomain.xml, are placed at the root level of a server. When using a policy file you can use a wildcard character (*) in a domain name. For more information on policy files see Why Use Policy Files below."
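As an added example (not code from the post or from Adobe), the following Python audits a crossdomain.xml body for the misconfiguration described above. Both sample policies are constructed: the first mirrors the vulnerable example, the second restricts access to the domaina hosts named in the post.

```python
import xml.etree.ElementTree as ET

# Constructed sample policies (not from the original post): the first mirrors
# the vulnerable example above, the second restricts access to named domains.
WIDE_OPEN_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>"""

RESTRICTED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="www.domaina.com" />
  <allow-access-from domain="*.domaina.com" />
</cross-domain-policy>"""


def audit_crossdomain_policy(xml_text):
    """Return (severity, message) findings for one crossdomain.xml body.

    A rule with domain="*" lets a Flash movie served from any site read
    responses from this host, with the visitor's cookies attached.
    """
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return [("error", "root element is <%s>, expected <cross-domain-policy>" % root.tag)]
    findings = []
    rules = root.findall("allow-access-from")
    if not rules:
        findings.append(("info", "no allow-access-from rules: nothing is granted"))
    for rule in rules:
        domain = rule.get("domain", "")
        if domain == "*":
            findings.append(("high", 'domain="*" grants every origin access to this host'))
        elif domain.startswith("*."):
            findings.append(("medium", "wildcard grant %s trusts every host under that suffix" % domain))
        elif not domain:
            findings.append(("error", "allow-access-from rule has no domain attribute"))
        else:
            findings.append(("ok", "explicit grant to %s" % domain))
    return findings


def is_wide_open(xml_text):
    """True when any rule grants access to all domains (the vulnerable case)."""
    return any(sev == "high" for sev, _ in audit_crossdomain_policy(xml_text))


if __name__ == "__main__":
    for name, policy in (("wide open", WIDE_OPEN_POLICY), ("restricted", RESTRICTED_POLICY)):
        print(name, audit_crossdomain_policy(policy))
```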

I'm sure there are many other fun tidbits like this just waiting to be discovered.

Article Link: http://jeremiahgrossman.blogspot.com/2006/10/crossdomainxml-statistics.html
Chris Shiflett: http://shiflett.org/archive/267
Crossdomain.xml Specification: http://www.adobe.com/cfusion/knowledgebase/index.cfm?id=tn_14213
Copyright 2000-2007 Cgisecurity.com.
Providing Web Security news since 2000.