Can a .swf file contain viruses? or be a mean of hacking?
Guillermo Olvera
If sombody knows the answer please advise. Thx.
Caleb Stone
that the file was infected. So I know it's possible to transmit a virus via
swf, but I don't know what else it could do...
-C
> From: "Brad McAllister" <bra...@yahoo.com>
> Newsgroups:
> macromedia.dreamweaver,macromedia.dynamic.html,macromedia.feedback.www-macrome
> dia-com,macromedia.flash,macromedia.flash.sitedesign,macromedia.ultradev
> Date: Wed, 29 Nov 2000 01:18:36 -0000
> Subject: Re: Can a .swf file contain viruses? or be a mean of hacking?
>
> I think thats a good question... I certainly hope not!.
>
> --
>
> ("`-''-/").___..--''"`-._
> `6_ 6 ) `-. ( ).`-.__.`)
> (_Y_.)' ._ ) `._ `. ``-..-' ICQ: 30404049
> _..`--'_..-_/ /--'_.' ,' TradesmanCentral.com
> (il),-'' (li),' ((!.-' NetEvolution.co.uk
> ________________________________________________________
>
>
>
>
> Guillermo Olvera <guillerm...@hotmail.com> wrote in message
> news:901d7f$1io$1...@misc.macromedia.com...
Keith Homel
that one type of virus protection recognizes flash as a certain type of virus. But
it just ain't so!! :)
Keith
Bentley Wolfe
> My girlfriend sent an swf file to a prospective employer, only to discover
> that the file was infected. So I know it's possible to transmit a virus via
> swf, but I don't know what else it could do...
ANY file sent from point A to point B can carry a virus. Flash is fairly safe
because it has no direct access to the file system and it can't launch executables
or make direct system calls. But it's binary, streaming content which can be
intercepted as it streams, so it, like most everything else, can be hacked.
--
Regards,
Bentley Wolfe
Senior Support Engineer, Macromedia
-- please reply to the forum, not direct mail --
Byron Canfield
the file sent? If by email, the email, itself, was more likely the carrier of
the "infection". If on disk, the boot sector was a far more likely culprit. If
the SWF was not, in fact, and SWF but an EXE file, a projector, then that could
very well have had a virus attached to it, but not because it was an SWF --
because it was executable, something that happened on the source machine between
the time the EXE was created and the time it was transferred (via disk or
email).
--
Byron Canfield
Canfield Studios
"Macromedia Evangelist"
http://www.byronc.com
"Caleb Stone" <ca...@cdstone.com> wrote in message
news:B649DDD9.3D42%ca...@cdstone.com...
Brad McAllister
ACCOM
On PC , you can do an "exec" with command.com for example as parameter..
For more info , go :
http://polar-lights.com/en/
and see...
Writing, appending,deleting files and launching standard DOS utilites from
windows projectors. (Both Flash4 and 5 .fla files inside .zip)
Nestor 10
suddenly decided to show everyone how to use the MS Scripting Engine to
access, open, write, create, etc. on a Windows system.
See
http://webreference.com/js/column71/
for the specifics...
--
-Y-
Nestor 10
nest...@mindspring.chkr.com
".chkr" is for mail-bots
ACCOM
Object...
Nestor 10 a écrit dans le message <903bki$fsa$1...@misc.macromedia.com>...
Ilya Rudev
Besides you can call javascript directly from .swf file (without any
modifications in HTML code) and use any security hole described for example
on http://www.guninski.com/
:)
Good luck !
______
Ilya. -Polar Lights Studios-
Flash sources page http://polar-lights.com/en/
Matt Wobensmith
>False!
>On PC , you can do an "exec" with command.com for example as parameter..
This pertains to the EXE projector, not the SWF. The SWF provides no
particular security threats that aren't already present in the browser. The
SWF itself is safe.
As far as an EXE projector, indeed, these can be abused. However, as with any
EXE, the only safe way to use these is to get them from a source that's
trusted. If you launch an EXE - of any type - on your computer, you don't know
what you're getting, Flash or otherwise.
Matt