« Why Your Static Analysis Scanner Should Use String Analysis | Main | Babylon Cross-Application Scripting »

March 22, 2010


Nils Hitze

Doesn't works with my Chrome but i will forward it to someone at Google that can maybe forward this to the Gmail Team. Thanks for finding it.

Yair Amit

Hello Nils,
In order to refrain from putting Gmail users under risk, this issue has been responsibly disclosed to Google. Therefore, this write-up was published only after the aforementioned security hole was fixed.


hi YairAmit

nice work!

this hole was fied now,can share the old version of
'uploaderapi2.swf' to me?

thank u

my gmail:[email protected]


it is a nice case.
my gtalk:evilcos#gmail.com

can u share the unfixed .swf file to me? thx:)


Hi Yair Amit,

It's amazing ! I wonder how many mail, or other, Services has a similar problem...

Good luck,


Hi Yair,
very nice finding and writeup!
It seems that this category of bugs is going to be more and more discovered.

Thanks for the reference, too! :)


Yair Amit

@All, thanks for the feedback! :)

@Stefano, I agree that discoveries of this category of bugs will become more common, as the awareness to them rises.
However, after taking a look at some of the security changes that were applied by Adobe in ActionScript 3 (such as blocking the ability to implicitly use global parameters, a common programming error in AS2), it seems that they are in the right direction. :)

The comments to this entry are closed.

Follow us on Twitter

AppScan Free Trial

Try IBM Security AppScan software at no charge.

Become a Fan