We're experimenting with new ideas and technologies to see what sticks. Check out what we've cooked up and let us know what you think!
Visit LabsStop by our library of training resources and learn something new! Inside you'll find videos, tutorials, guides, and more to help you improve your use of TechSmith tools. You'll be a pro in no time!
Start LearningSearch
Configuration Manipulation and Cross-site Scripting Vulnerabilities in Flash SWF Files
Date Issued: October 27th, 2009
Affected Software and Components: Flash SWF files created using Camtasia Studio 6.01, 6.02, and 6.03 with the Express Show template with SWF output. Flash SWF files created using Camtasia Studio with other templates are not affected. The vulnerability can be executed in FireFox, Safari, and Google Chrome browsers.
Vulnerability Description: If Flash SWF files are created by the above affected software and then embedded in a website, the website hosting the Flash content may be vulnerable to SWF player configuration manipulation and cross-site scripting attacks. An attacker can craft links to the vulnerable Flash content in order to perform a cross-site scripting attack: when the vulnerable Flash content is viewed by a website visitor, the visitor's Flash player may take insecure, potentially harmful actions. These actions include modification of website content, sending website information such as cookies to the attacker, and redirection to arbitrary websites. The attacker can also modify the configuration of the SWF file to display attacker-specified text, pause at arbitrary times, and link to attacker-specified URLs.
Workaround or Mitigations: In order to fix the issue please extract the two SWF files from the attached zip file and place them in the following directory.
C:\Program Files\TechSmith\Camtasia Studio 6\Media\Studio\Swf
You will be prompted that these files will overwrite the ones that are already there which is okay. Once the files have been overwritten restart Camtasia and reproduce your videos to SWF.
Once the fix has been applied, customers with vulnerable SWF files hosted on a website should reproduce the SWF file. The newly reproduced SWF file will not be vulnerable and can replace the old vulnerable SWF file.
Customers concerned about viewing Flash content can view Flash SWF files using Internet Explorer or Opera which are not affected by this issue.
Additional Information: No other TechSmith products or services are affected by this vulnerability. All SWF files hosted by TechSmith's Screencast.com media hosting site are not affected by this vulnerability. Input parameters passed to the SWF files hosted on Screencast.com are provided by the Screencast.com service, which mitigates this vulnerability. SWF files produced by Jing and Camtasia Relay are not affected by this vulnerability. All other TechSmith products do not produce or use SWF files.
Acknowledgements: TechSmith would like to thank Michael Schmidt of Compass Security Network Computing for reporting this issue to us and working with us while we developed a fix.
-
B2_ConfigurationManipulationinFlashSWFFiles.zip
(773.35 KB)
Corporation, All Rights Reserved.
