WebApp Sec mailing list archives
Re: Flash sites
From: Thomas Chiverton <thomas.chiverton () bluefinger com>
Date: Thu, 4 Sep 2003 09:23:08 +0100
On Wednesday 03 Sep 2003 17:14 pm, John Madden wrote:
If a web site contains only flash files and has no write permissions to modify those flash files, no default files or other potentially dangerous scripts can we say that is the "safest" form of a web site ?
While quite safe, there is still the chance that some CSS, database SQL injection or something could be happening. With Macromedia's Royal XML-based Flash coming RSN, offering the chance of on-the fly Flash built from an XML packet generated by a database, things could get *real* intresting _very_ quickly... -- Tom Chiverton (sorry 'bout sig.) Advanced ColdFusion Programmer Tel: +44(0)1749 834997 email: tom.chiverton () bluefinger com BlueFinger Limited Underwood Business Park Wookey Hole Road, WELLS. BA5 1AF Tel: +44 (0)1749 834900 Fax: +44 (0)1749 834901 web: www.bluefinger.com Company Reg No: 4209395 Registered Office: 2 Temple Back East, Temple Quay, BRISTOL. BS1 6EG. *** This E-mail contains confidential information for the addressee only. If you are not the intended recipient, please notify us immediately. You should not use, disclose, distribute or copy this communication if received in error. No binding contract will result from this e-mail until such time as a written document is signed on behalf of the company. BlueFinger Limited cannot accept responsibility for the completeness or accuracy of this message as it has been transmitted over public networks.***
Current thread:
- Flash sites John Madden (Sep 03)
- Re: Flash sites Thomas Chiverton (Sep 04)
- Re: Flash sites RSnake (Sep 04)
- Re: Flash sites Max Moser (Sep 04)
- Re: Flash sites RSnake (Sep 04)
- Re: Flash sites Jean-Jacques Halans (Sep 04)
- Re: Flash sites Jeremiah Grossman (Sep 04)
- Re: Flash sites ADex (Sep 06)
- <Possible follow-ups>
- RE: Flash sites Nick Duda (Sep 03)
- RE: Flash sites Mathew C. Beckman (Sep 04)
- RE: Flash sites Piet Carpentier (Sep 04)
- Re:Flash sites leorl (Sep 04)
(Thread continues...)