WebApp Sec mailing list archives

RE: Flash sites

From: "Piet Carpentier" <Piet.Carpentier () ANAXIS be>
Date: Thu, 4 Sep 2003 08:58:44 +0200

I don't now i think flash is pretty unsafe.
So far as i know u can decompile it. And i also did.
So i don't think it is verry safe.
And every site got its security holes it just to the attacker to be creative to get in.

greetz 
piet carpentier

-----Original Message-----
From: Nick Duda [mailto:nduda () VistaPrint com]
Sent: woensdag 3 september 2003 19:05
To: John Madden; webappsec () securityfocus com
Subject: RE: Flash sites


Depends, if you mean web content itself then its pretty damn good. However you still have to worry about the webserver 
it sits on. The webserver itself can be hacked and then those flash files can be deleted , other files uploaded....and 
so on. 

-Nick

-----Original Message-----
From: John Madden [mailto:chiwawa999 () yahoo com]
Sent: Wednesday, September 03, 2003 12:14 PM
To: webappsec () securityfocus com
Subject: Flash sites


Hello all,

If a web site contains only flash files and has no
write permissions to modify those flash files, no
default files or other potentially dangerous scripts
can we say that is the "safest" form of a web site ?

Are there any other concerns in auditing a flash based
site ?

Thanks

John

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

Current thread:

Flash sites John Madden (Sep 03)
- Re: Flash sites Thomas Chiverton (Sep 04)
- Re: Flash sites RSnake (Sep 04)
- Re: Flash sites Max Moser (Sep 04)
  - Re: Flash sites RSnake (Sep 04)
- Re: Flash sites Jean-Jacques Halans (Sep 04)
- Re: Flash sites Jeremiah Grossman (Sep 04)
  - Re: Flash sites ADex (Sep 06)
- <Possible follow-ups>
- RE: Flash sites Nick Duda (Sep 03)
  - RE: Flash sites Mathew C. Beckman (Sep 04)
- RE: Flash sites Piet Carpentier (Sep 04)
- Re:Flash sites leorl (Sep 04)
- FW: Flash sites GRIFFITHS ian (Sep 05)