Flex 3 historyFrame.html update to address potential cross-site scripting vulnerability
Adobe has released a security bulletin announcing a cross-site scripting vulnerability in the History Management feature of Flex 3.
A potential cross-site scripting vulnerability has been identified in code used by the Flex 3 History Management feature. It is recommended that developers who have History Management enabled in applications developed with Flex 3 update their deployed applications and development environments with the instructions provided below.
The History Manager uses an external HTML file called historyFrame.html to facilitate the use of browser back and forward buttons to navigate Flex applications. Apparently, this HTML file has input validation errors that could lead to potential cross-site scripting attacks.
Solution:
The historyFrame.html file has been patched in the recent Flex 3.0.2 SDK Update, so updating the SDK and recompiling your application should solve the problem. You can find instructions on how to install the new SDK in Flex Builder here.
If you have an already deployed application and for some reason you wish to patch it directly, then replacing the deployed file in the history folder with the appropriate file from the 3.0.2 SDK should also work. The different historyFrame.html files in the SDK can be found at these paths; select one based on the script features that you are using:
[install root]/templates/client-side-detection-with-history/history/historyFrame.html
[install root]/templates/express-installation-with-history/history/historyFrame.html
[install root]/templates/no-player-detection-with-history/history/historyFrame.html
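To find deployed copies that still need replacing, the following added example (not part of Adobe's bulletin or the SDK) walks a web root and compares every history/historyFrame.html against the three files from the updated SDK. It assumes deployed files are unmodified copies of an SDK template; the function names and command-line arguments are hypothetical.

```python
import hashlib
import os
import sys

# Template folders named on this page, relative to the SDK [install root].
TEMPLATES = (
    "client-side-detection-with-history",
    "express-installation-with-history",
    "no-player-detection-with-history",
)
TARGET = "historyFrame.html"


def digest(path):
    """SHA-256 with CRLF normalised, so line-ending changes in transfer are ignored."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read().replace(b"\r\n", b"\n")).hexdigest()


def patched_digests(sdk_root):
    """Map digest -> template name for each historyFrame.html in the updated SDK."""
    known = {}
    for name in TEMPLATES:
        path = os.path.join(sdk_root, "templates", name, "history", TARGET)
        if os.path.isfile(path):
            known.setdefault(digest(path), name)
    if not known:
        raise FileNotFoundError("no %s templates under %s" % (TARGET, sdk_root))
    return known


def audit(sdk_root, web_root):
    """Return sorted (path, template-or-None) for each deployed history/historyFrame.html."""
    known = patched_digests(sdk_root)
    results = []
    for dirpath, _dirs, files in os.walk(web_root):
        if TARGET in files and os.path.basename(dirpath) == "history":
            path = os.path.join(dirpath, TARGET)
            results.append((path, known.get(digest(path))))
    return sorted(results)


if __name__ == "__main__":
    # Hypothetical usage: python audit_history_frame.py <SDK install root> <web root>
    findings = audit(sys.argv[1], sys.argv[2])
    for path, template in findings:
        print("%-8s %s" % ("OK" if template else "REPLACE", path))
    sys.exit(1 if any(t is None for _p, t in findings) else 0)
```

A file reported as REPLACE matches none of the updated templates: it is either an older copy or a locally edited one, so review it before overwriting.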
Lastly, if you build applications using the Flash Platform, then I would strongly recommend staying tuned to the Adobe Product Security Incident Response Team (PSIRT) for timely updates on security vulnerabilities and fixes.


