A security researcher has found a gap in the way Adobe Systems has fortified its Flash Player for better security, which could result in data being stolen and sent to a remote server. Billy Rios, a researcher who is a security engineer for Google, published on his personal blog a way to get around Flash Player's local-within-filesystem sandbox.

Busting sanctions

The sandbox allows a Shockwave Flash (SWF) file to read local files but not send data over the network. It also prevents SWF files from making JavaScript calls or HTTP or HTTPS requests, Rios wrote. A local file is described as one that can be referenced using "file: protocol" or a Universal Naming Convention path, Rios wrote.

But Rios found that the sandbox restrictions are actually not quite so strict. He found he could bypass the sandbox by reformatting the request, such as "file://request to a remote server." Adobe, however, limits those requests to local IP (Internet Protocol) addresses and hostnames, Rios wrote.

The link for this article located at Tech World is no longer available.