We need an overall of ten to fifteen vulnerable (to XSS) Flash files to show them to the Shumway team. Ideally we have them in a folder - each embedded in HTML with a button to trigger the vulnerability.
We need bugs that exploit vulnerabilities in as many different Flash/AS methods as possible. Further, some of the bugs should be requiring user interaction to be exploited, others should be exploitable without user interaction.
This step is important before we re-connect with the Shumway team. They basically will use this input to understand, what APIs we would need.
We need an overall of ten to fifteen vulnerable (to XSS) Flash files to show them to the Shumway team. Ideally we have them in a folder - each embedded in HTML with a button to trigger the vulnerability.
We need bugs that exploit vulnerabilities in as many different Flash/AS methods as possible. Further, some of the bugs should be requiring user interaction to be exploited, others should be exploitable without user interaction.
This step is important before we re-connect with the Shumway team. They basically will use this input to understand, what APIs we would need.