Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in ActionScript in arbitrary Shockwave Flash (SWF) files created by InfoSoft FusionCharts allows remote attackers to inject arbitrary additional SWF content via a URL in the SRC attribute of an IMG element in the dataURL parameter.
References 5 Total
- http://docs.google.com/View?docid=ajfxntc4dmsq_14dt57ssdw
- vupen.com: ADV-2008-0067 vdb-entry
- kb.cert.org: VU#249337 third-party-advisory
- securityfocus.com: 20080102 XSS Vulnerabilities in Common Shockwave Flash Files mailing-list
- securityfocus.com: 27109 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- http://docs.google.com/View?docid=ajfxntc4dmsq_14dt57ssdw x_transferred
- vupen.com: ADV-2008-0067 vdb-entryx_transferred
- kb.cert.org: VU#249337 third-party-advisoryx_transferred
- securityfocus.com: 20080102 XSS Vulnerabilities in Common Shockwave Flash Files mailing-listx_transferred
- securityfocus.com: 27109 vdb-entryx_transferred