XSS Vulnerabilities in Common Shockwave Flash Files
Rich Cannings has published an advisory on the Web Security Mailing List describing a flaw in common Flash authoring tools that allows XSS. From his advisory:
"THE PROBLEM
Many web authoring tools that automatically generate SWFs insert identical and vulnerable ActionScript into all saved SWFs or necessary controller SWFs (think of tools that "save as SWF", "export to SWF", etc.). The vulnerable ActionScript can be used by attackers to execute arbitrary JavaScript in the security domain of the website hosting the SWF.
We were unable to perform an exhaustive review of all authoring tools that generate SWFs. More XSS issues may exist in the products listed below and certainly exist in other applications that save to SWF.
We are only reporting XSS vulnerabilities that have been fixed by the vendors. There are more products vulnerable. We will publish more information when the vendor releases fixes."
Email Link: http://www.webappsec.org/lists/websecurity/archive/2008-01/msg00001.html
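The advisory's point is that a site inherits the risk of whatever ActionScript its authoring tool baked into every exported SWF, so the first defensive step is knowing which SWFs you serve actually contain script. The following is an added example, not code from the advisory or from any of the affected vendors: a small SWF header and tag-list parser that reports the file's version, compression, stage size, and which script-bearing tags it contains. The tag codes for DoAction (12), DoInitAction (59) and DoABC (82) come from the SWF file format; treating their presence as "needs review" is this example's own triage rule, and the sample SWF it builds is constructed here for the demonstration rather than taken from any authoring tool.

```python
import struct
import zlib
from dataclasses import dataclass, field

# SWF tag codes that carry ActionScript bytecode (from the SWF format spec).
# Flagging any file that contains them is this example's triage rule, not the advisory's.
SCRIPT_TAGS = {12: "DoAction", 59: "DoInitAction", 82: "DoABC"}


@dataclass
class SwfSummary:
    compression: str          # "FWS" (uncompressed) or "CWS" (zlib)
    version: int
    declared_length: int      # uncompressed file length from the header
    width_px: float
    height_px: float
    frame_rate: float
    frame_count: int
    tag_counts: dict = field(default_factory=dict)

    def has_script(self) -> bool:
        """True if the SWF embeds any ActionScript and therefore warrants review."""
        return any(code in self.tag_counts for code in SCRIPT_TAGS)


class BitReader:
    """Reads MSB-first bit fields; the SWF RECT record is bit-packed."""
    def __init__(self, data: bytes, pos: int):
        self.data, self.byte, self.bit = data, pos, 0

    def read(self, n: int) -> int:
        v = 0
        for _ in range(n):
            v = (v << 1) | ((self.data[self.byte] >> (7 - self.bit)) & 1)
            self.bit += 1
            if self.bit == 8:
                self.bit, self.byte = 0, self.byte + 1
        return v

    def read_signed(self, n: int) -> int:
        v = self.read(n)
        return v - (1 << n) if v & (1 << (n - 1)) else v

    def byte_pos(self) -> int:
        return self.byte + (1 if self.bit else 0)


def parse_swf(raw: bytes) -> SwfSummary:
    sig = raw[:3]
    if sig not in (b"FWS", b"CWS", b"ZWS"):
        raise ValueError("not a SWF file")
    version = raw[3]
    declared_length = struct.unpack_from("<I", raw, 4)[0]
    if sig == b"FWS":
        body = raw[8:]
    elif sig == b"CWS":
        body = zlib.decompress(raw[8:])       # everything after the 8-byte header is zlib data
    else:
        raise ValueError("LZMA-compressed SWF (ZWS) is not handled in this example")
    # RECT: 5-bit field count, then four signed fields in twips (1/20 px)
    br = BitReader(body, 0)
    nbits = br.read(5)
    xmin, xmax, ymin, ymax = (br.read_signed(nbits) for _ in range(4))
    pos = br.byte_pos()
    rate_raw, frame_count = struct.unpack_from("<HH", body, pos)   # frame rate is 8.8 fixed
    pos += 4
    summary = SwfSummary(sig.decode(), version, declared_length,
                         (xmax - xmin) / 20, (ymax - ymin) / 20, rate_raw / 256, frame_count)
    # Tag list: UI16 = (code << 6) | length, with a UI32 long length when length == 0x3F
    while pos + 2 <= len(body):
        code_and_len = struct.unpack_from("<H", body, pos)[0]
        pos += 2
        code, length = code_and_len >> 6, code_and_len & 0x3F
        if length == 0x3F:
            length = struct.unpack_from("<I", body, pos)[0]
            pos += 4
        summary.tag_counts[code] = summary.tag_counts.get(code, 0) + 1
        pos += length
        if code == 0:                           # End tag
            break
    return summary


class BitWriter:
    """MSB-first bit packer used only to construct the sample file below."""
    def __init__(self):
        self.bits = []

    def write(self, value: int, n: int) -> None:
        for i in range(n - 1, -1, -1):
            self.bits.append((value >> i) & 1)

    def to_bytes(self) -> bytes:
        bits = self.bits + [0] * (-len(self.bits) % 8)
        return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))


def make_tag(code: int, body: bytes = b"") -> bytes:
    if len(body) >= 0x3F:
        return struct.pack("<HI", (code << 6) | 0x3F, len(body)) + body
    return struct.pack("<H", (code << 6) | len(body)) + body


def build_sample_swf(compressed: bool) -> bytes:
    """Constructed 550x400 SWF with one DoAction tag (not output of any real authoring tool)."""
    bw = BitWriter()
    bw.write(15, 5)
    for twips in (0, 550 * 20, 0, 400 * 20):
        bw.write(twips, 15)
    body = bw.to_bytes() + struct.pack("<HH", 24 << 8, 1)   # 24 fps, 1 frame
    body += make_tag(12, b"\x00")                            # DoAction holding a lone ActionEnd
    body += make_tag(0)                                      # End tag
    header = (b"CWS" if compressed else b"FWS") + bytes([8]) + struct.pack("<I", 8 + len(body))
    return header + (zlib.compress(body) if compressed else body)


if __name__ == "__main__":
    for flag in (False, True):
        s = parse_swf(build_sample_swf(flag))
        print(s.compression, "v%d" % s.version, "%gx%g px" % (s.width_px, s.height_px),
              "script tags:", [SCRIPT_TAGS[c] for c in s.tag_counts if c in SCRIPT_TAGS])
```

Run over every SWF a site serves, the summary separates pure-animation files from those carrying script; only the latter can host the kind of ActionScript the advisory describes and need to be re-exported with a patched tool or otherwise reviewed. Because the JavaScript executes in the origin that hosts the SWF, serving such files from a separate, cookie-less domain is a common way to limit the impact while fixes roll out.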