Cross-site scripting attacks caused by Flash can leak users' private data and seriously threaten Web security. Techniques for discovering such vulnerabilities therefore deserve in-depth study, so that the security risks can be found and fixed early. By analysing and summarising the unsafe ActionScript functions that can lead to XSS (cross-site scripting) vulnerabilities, we designed and implemented a Flash cross-site scripting vulnerability detection tool, the flash XSS detector (FXD). It combines static analysis with dynamic testing: it automatically decompiles Flash files, analyses the dangerous functions and their corresponding parameters in the ActionScript code, and verifies the findings by dynamic testing. Extensive testing of the Flash files on Alexa Top 100 sites with this tool found 48 Flash applications on 18 sites that can lead to XSS attacks. These results demonstrate the effectiveness and advancement of FXD.
Popular websites such as YouTube, Yahoo! and CNN contain a large number of Flash files that deliver dynamic content. However, many Flash objects are exposed to cross-site scripting (abbreviated as XSS, a type of injection problem in which malicious scripts are injected into otherwise benign and trusted web sites) vulnerabilities, because they are usually coded without properly sanitizing their inputs. In this paper, we study XSS in online Flash and introduce an engine called FXD (Flash XSS Detector), which is designed to automatically scan webpages with embedded Flash objects and check whether or not they are vulnerable to XSS attacks. We evaluate FXD on a large collection of XSS-vulnerable Flash test samples we created, which cover all common Flash XSS vulnerabilities. FXD detects Flash XSS efficiently and covers more kinds of Flash XSS than any related work we know of. We also use FXD to test real-world websites and find that many embedded Flash objects are still vulnerable to XSS, even on Alexa Top 100 websites. Finally, we observe a new trend: Flash XSS today is mainly caused by combinations of key functions from different categories.