Macromedia Flash Player Flash Cookie Predictable File Location Weakness

Mindwarper has released a proof-of-concept for this issue which can be found at the following web site:

http://www.mlsecurity.com/ie/ie.htm

This proof-of-concept also exploits the issue described in BID 8886.

Andreas Sandblad also provided the following example, which exploits BID 7826 so that it is no longer necessary to guess the local username of the victim:

ftp://%@/../../../../Application Data/Macromedia/Flash Player/YOURDOMAINNAME.TLD\YOURDOMAINNAME.sol
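
For defenders reviewing proxy logs or page content, the following added example (not part of the original advisory or of either researcher's material) flags FTP URLs that use directory traversal to reach a Flash Player shared-object (.sol) file, as in the example above. The function names and the sample URLs other than the one quoted from this page are hypothetical and constructed for illustration.

```python
import re
from urllib.parse import unquote

# Directory fragment of the Flash Player store, as named in the URL on this page.
FLASH_DIR = "macromedia/flash player/"
# A ".." path segment bounded by slashes or the ends of the path.
TRAVERSAL = re.compile(r"(^|/)\.\.(/|$)")


def normalize(url: str) -> str:
    """Percent-decode twice (covers double encoding), unify slashes, lowercase."""
    for _ in range(2):
        url = unquote(url)  # invalid escapes such as "%@" are left untouched
    return url.replace("\\", "/").lower()


def flags_local_sol_reference(url: str) -> bool:
    """True for an ftp:// URL that climbs directories into the Flash Player
    store and names a .sol file."""
    scheme, sep, rest = normalize(url).partition("://")
    if not sep or scheme != "ftp":
        return False
    path = rest.split("?", 1)[0].split("#", 1)[0]  # ignore query and fragment
    return (
        bool(TRAVERSAL.search(path))
        and FLASH_DIR in path
        and path.endswith(".sol")
    )


def scan(urls):
    """Return the URLs from an iterable that match the pattern."""
    return [u for u in urls if flags_local_sol_reference(u)]


# Sample input: the first URL is the one quoted on this page; the rest are constructed.
SAMPLE_URLS = [
    "ftp://%@/../../../../Application Data/Macromedia/Flash Player/"
    "YOURDOMAINNAME.TLD\\YOURDOMAINNAME.sol",
    "ftp://%@/%2e%2e/%2e%2e/Application%20Data/Macromedia/Flash%20Player/"
    "example.test/example.sol",
    "ftp://ftp.example.test/pub/readme.txt",
    "ftp://ftp.example.test/pub/Macromedia/Flash Player/example.test/a.sol",
    "http://example.test/../Macromedia/Flash Player/example.test/a.sol",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_URLS):
        print("flagged:", hit)
```
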


 

Copyright 2010, SecurityFocus