Rosetta flash vulnerability

By
Nash N Sulthan
Published on
24 Jun 2018

Rosetta Flash is used to create a new type of Flash file. Ordinary Flash files contain non-printable characters, whereas a Rosetta Flash file consists of printable characters only. When a web application requests data from another web application, the server sends the data as JSONP (JavaScript Object Notation with Padding) to the receiving server. An attacker can make a malicious site request a JSONP file from the victim web application. JSONP is used to communicate between different applications because the receiving server cannot make changes to the sender's JSONP file. However, if the received file is a Rosetta Flash file, the web browser will execute it as a Flash file. The attacker leverages this bug to exploit the application.

Impact

The major impact is leakage of sensitive data. An attacker can leak sensitive information such as user credentials and other information about the end users.

Mitigation / Precaution

Beagle recommends the following fixes:

  • Apply the update patches for Adobe Flash Player 11.2.202.394 and 14.0.0.145.
  • Use an additional validation check.
  • Modify the JSONP endpoints response on the web to prevent this attack.
  • Add a comment (/**/) at the start of the callback parameter. This prevents the callback parameter from being interpreted as a Flash file.
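
One way to combine the validation check and the `/**/` prefix from the list above in a JSONP endpoint, as an added example that is not Beagle's code. The helper names, the 64-character limit and the two extra response headers are assumptions that do not come from this page.

```javascript
// Added example: hardened JSONP response builder (hypothetical helper names).
const MAX_CALLBACK_LENGTH = 64; // assumed limit; legitimate callbacks are short

// Allow only dotted JavaScript identifiers, e.g. "cb" or "app.handlers.onData".
const CALLBACK_PATTERN = /^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$/;

function isSafeCallback(name) {
  // A printable-only Flash file would pass a character whitelist on its own,
  // so the length cap is checked as well as the pattern.
  return typeof name === "string" &&
    name.length > 0 &&
    name.length <= MAX_CALLBACK_LENGTH &&
    CALLBACK_PATTERN.test(name);
}

function buildJsonpResponse(callback, data) {
  if (!isSafeCallback(callback)) {
    return {
      status: 400,
      headers: { "Content-Type": "text/plain; charset=utf-8" },
      body: "invalid callback",
    };
  }
  // Escape "<" and the two line separators that are legal in JSON
  // but can break a script context.
  const json = JSON.stringify(data ?? null)
    .replace(/</g, "\\u003c")
    .replace(/\u2028/g, "\\u2028")
    .replace(/\u2029/g, "\\u2029");
  return {
    status: 200,
    headers: {
      "Content-Type": "application/javascript; charset=utf-8",
      // Assumed extra hardening, not taken from this page:
      "X-Content-Type-Options": "nosniff",
      "Content-Disposition": 'attachment; filename="f.txt"',
    },
    // The leading /**/ means the body never begins with caller-controlled
    // bytes, so it cannot be parsed as a Flash file.
    body: "/**/" + callback + "(" + json + ");",
  };
}
```
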

Written by
Nash N Sulthan
Cyber Security Lead Engineer