Hello, I am writing to you to inform you of a possible security issue with swfobject.js My swfobject.js files on multiple sites have been repeatably hacked. I am unsure if the security weakness is in the js file or somewhere else, but I thought I would let you guys know just in case.
Here are the js files (from my three sites) in their hacked state. Encrypted code has been inserted into the top of the file: http://www.virtualmatter.org/upload/hacked_swfobjects.zip I've done all the normal stuff like roll my passwords, check other files, replace everything, set permissions, etc... The issue is probably on my end, but I thought I would let you know just in case someone who knows this code better then I do (all of you, haha) finds something. I am not expecting a solution or anyone to help me solve this, but I will have to stop using swfobject because of it. Hopefully this is a problem on my end and swfobject is fine. -- Sincerely, Kevin Whitfield -- You received this message because you are subscribed to the Google Groups "SWFObject" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/swfobject?hl=en.
