User Privilege Gain using Flash Active X Flaw ??!

Posted in Flash by Last ActionScript Hero - Blog on the 12-03-2006

Most of you would have noticed that my site was down for almost two weeks without any notice. When I checked with my service provider he goes "We have received complaints from our data center that your site is causing some serious security violation" and when I dug into this further he says that a Flash file was being used to compromise the system. Holy crap!! What the hell are you saying? I knew that there was a Active X flaw in Flash Player earlier which gives the ability to do a buffer overflow hack (whatever that means) but I have only read about such things in Wired magazine and have never even done anything close to that.

After hours (or should I say days) of investigation I was told that the file in question was the example SWF which I posted for this entry in my blog. The file is a very simple example which uses the ContextMenu API to open a link in a new window and how could that possibly cause a security violation and that too of this intense a nature.

This was the message which I got from my service provider:

------------------------------------------------------------------------------------------------------
From: xxxxxx
Sent: 09 November 2006 18:11
To: xxxxxxxxxxx
Subject: SNORT ALERT: 1 in Application:snort:ALERT
--------------------------------------------------------------------------------

EVENT #
353
EVENT LOG
Application
EVENT TYPE
Information
SOURCE
snort
EVENT ID
1
COMPUTERNAME
xxxxx
TIME
11/9/2006 6:11:16 PM
MESSAGE
[1:7978:2] WEB-CLIENT ShockwaveFlash.ShockwaveFlash ActiveX CLSID access [Classification: Attempted User Privilege Gain] [Priority: 1]: {TCP} xx.xx.xxx.xxx:xx -> xxx.xxx.x.xx:xxxx


Does anyone out there have any clue of what had gone wrong? This is the first time in my life I am hearing of anything like this. Believe me I was almost feeling like I am in a deep trouble for nothing. Finally I removed three SWF’s from my site which I suspected to be the troublemakers and got my site to life again. Will someone from Adobe care to look into this?

Read full article

  1. Responses to “User Privilege Gain using Flash Active X Flaw ??!”

Post a Comment

captcha

Flash Develop And Design powered by FlashDevelop.NET