HP's Free Adobe Flash Vulnerability Scanner 82
Catalyst writes "SWFScan is a free Flash security tool (download here), released by HP Software, which decompiles all versions of Flash and scans them for over 60 security vulnerabilities. The scan detects things like XSS, SQL inside of the Flash app, hard-coded authentication credentials, weak encryption, insecure function calls, cross-domain privilege escalation, and violations of Adobe's security recommendations. There is also this video explaining a real, and amusing, attack against a Flash app. These issues are fairly widespread, with over 35% of SWF applications violating Adobe security advice."
What good is it? (Score:5, Interesting)
Youtube (Score:5, Interesting)
And lo: it's got 7 vulnerabilities.
It's interesting how this behemoth of a flash provider is still not secure.
*reaches for tinfoil hat*
Re:Youtube (Score:3, Interesting)