|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Ureleet (ureleet
gmail.com)
Date: Mon May 12 2008 - 09:41:06 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
plus i thought you were unsubscribing?
On Sun, May 11, 2008 at 5:28 PM, Dr. J Swift <fdiscsplatgmail.com> wrote:
> On Sat, May 10, 2008 at 11:03 PM, n3td3v <xploitablegmail.com> wrote:
> > Scaring people with fullScreen
> >
> > * Posted by bunnyhero
> > * 2008 May 10
> >
> > When Flash Player 9 goes into full screen mode, it pops up a little
> > security message that tells the user how to exit full screen mode. It
> > appears as white text on a semi-transparent black background so it is
> > generally always visible (which is good). Still, I wondered if it
> > could be obscured.
> >
> > The message is always on top, so it is impossible to draw over it. But
> > what if we tried distracting the user from the actual security
> > message?
> >
> > Here's a silly test:
> >
> > Of course, you can press Esc (or alt+tab to another window) to escape.
> >
> > UPDATE: I have made the source code available, warts and all, under a
> > ZLib licence. Share and enjoy :)
> >
> > http://www.bunnyhero.org/2008/05/10/scaring-people-with-fullscreen/
> >
>
> Mr. Wallace,
>
> Are you bunnyhero?
>
> Why would you publish this exploit?
>
> Did you contact the affected vendors prior to your publishing this?
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]