Simple Adobe bypass for CVE-2014-5333 - Rosetta Flash
- Based on the Rosetta Flash GitHub project
- Extended to bypass both Adobe fixes (CVE-2014-4671 and CVE-2014-5333)
- Can be exploited on sites that:
  - don't implement protection on their side (e.g. prepending /**/ or encoding the callback parameter using JS backslash notation)
  - and support UTF-8/binary callbacks (i.e. no whitelist of callback characters; by the way, does anybody support fully binary callbacks?)

For details, please see github.com/topolik/rosettaflash
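
The two site-side protections listed above, sketched as an added example (not code from the rosettaflash project): a callback whitelist that rejects UTF-8/binary callbacks, plus the `/**/` prefix so the response can never begin with an SWF signature. The function names, the 64-character limit and the sample callbacks are assumptions made for this illustration.

```javascript
// Added example: hardened JSONP body construction (helper names are hypothetical).

// File signatures a response must not start with: uncompressed, zlib and LZMA SWF.
const SWF_MAGICS = ["FWS", "CWS", "ZWS"];

// Whitelist: dotted ASCII identifiers only, so UTF-8/binary callbacks are refused.
const CALLBACK_RE = /^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*$/;
const MAX_CALLBACK_LEN = 64; // assumed limit; real callbacks are short

function isSafeCallback(cb) {
  return typeof cb === "string" &&
    cb.length <= MAX_CALLBACK_LEN &&
    CALLBACK_RE.test(cb);
}

// True when a response body would be parsed as SWF from its first bytes.
function startsWithSwfMagic(body) {
  return SWF_MAGICS.some((magic) => body.startsWith(magic));
}

// Unprotected form: the caller-controlled callback is the first byte of the body.
function naiveJsonpBody(callback, data) {
  return callback + "(" + JSON.stringify(data) + ");";
}

// Protected form: whitelist check, then the /**/ prefix in front of the callback.
// Returns null for a rejected callback; the caller should answer with HTTP 400.
function buildJsonpBody(callback, data) {
  if (!isSafeCallback(callback)) return null;
  return "/**/" + callback + "(" + JSON.stringify(data) + ");";
}

// Constructed sample: an ASCII callback that merely begins with an SWF signature.
// It is not a real SWF, but it passes an alphanumeric whitelist, which is why the
// whitelist alone is not enough and the prefix is applied as well.
const sample = "CWSabc123";
console.log(startsWithSwfMagic(naiveJsonpBody(sample, { ok: true })));  // true
console.log(startsWithSwfMagic(buildJsonpBody(sample, { ok: true })));  // false
console.log(buildJsonpBody("CWS\u00e9\u0001", { ok: true }));           // null
```

The whitelist covers the UTF-8/binary callback condition, while the prefix covers any callback that still reaches the first bytes of the response.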
REST JSONP endpoint:
Target site: must be the same origin as the one above or permit the REST endpoint in crossdomain.xml