Full Disclosure mailing list archives
Re: First case of Cyber Rolling?
From: Ureleet <ureleet () gmail com>
Date: Mon, 12 May 2008 10:41:06 -0400
plus i thought you were unsubscribing? On Sun, May 11, 2008 at 5:28 PM, Dr. J Swift <fdiscsplat () gmail com> wrote:
On Sat, May 10, 2008 at 11:03 PM, n3td3v <xploitable () gmail com> wrote: > Scaring people with fullScreen > > * Posted by bunnyhero > * 2008 May 10 > > When Flash Player 9 goes into full screen mode, it pops up a little > security message that tells the user how to exit full screen mode. It > appears as white text on a semi-transparent black background so it is > generally always visible (which is good). Still, I wondered if it > could be obscured. > > The message is always on top, so it is impossible to draw over it. But > what if we tried distracting the user from the actual security > message? > > Here's a silly test: > > Of course, you can press Esc (or alt+tab to another window) to escape. > > UPDATE: I have made the source code available, warts and all, under a > ZLib licence. Share and enjoy :) > > http://www.bunnyhero.org/2008/05/10/scaring-people-with-fullscreen/ > Mr. Wallace, Are you bunnyhero? Why would you publish this exploit? Did you contact the affected vendors prior to your publishing this? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- First case of Cyber Rolling? n3td3v (May 10)
- Re: First case of Cyber Rolling? Dr. J Swift (May 11)
- Re: First case of Cyber Rolling? Ureleet (May 12)
- Re: First case of Cyber Rolling? Dr. J Swift (May 11)