'Flash'에 해당되는 글 5건

  1. 2014.04.14 Debugging Flash Remoting within Macromedia Flash MX applications
  2. 2013.09.30 ClamAV 0.98 has been released!
  3. 2013.02.14 Adobe Flash 및 Shockwave Player 취약점 업데이트
2014. 4. 14. 10:51

Debugging Flash Remoting within Macromedia Flash MX applications

When developing rich client applications using Macromedia Flash MX, debug Macromedia Flash Remoting as you go. Common functions that you'll debug include:

  • The connection to the Service Object
    For example, a web service or a JavaBean.
  • The connection to the Service Function
    For example, connecting to a method in a JavaBean or a web service.
  • The returned data

This TechNote describes how to use the Macromedia Flash MX NetConnection Debugger and the NetServices trace() method to debug Flash Remoting in the Macromedia Flash MX authoring environment.

THE NETCONNECTION DEBUGGER

Use the NetConnection Debugger (NCD) to view, interact with and filter events within a movie in order to isolate problems during development. The NCD is included when you install the Flash Remoting Components but you'll need to enable it and run it within each movie.

Enabling NCD

Before using the NCD with a movie, enable it by including the NetDebug.as class file at the movie's frame level:

  1. Open the movie's ActionScript.
  2. Insert the following at the top of the ActionScript:
    #include "NetDebug.as"

Running a movie with the NCD

Once the NCD is enabled for a movie, you're ready for debugging:

  1. With your movie open in Macromedia Flash MX, selectWindow > NetConnection Debugger.
  2. With the NCD in the frontmost window, press the CTRL + ENTER keys to run your movie.

The example below shows the NCD for a particular movie:

Debug Event pane: Displays events as they occur. When a Service Object or Service Function is called in your movie, the events display in this pane. If a function calls a Service Function when a button is clicked or released, the information displays after that event occurs in the Debug Event pane.

Clear Event button: Use this button to clear the Debug Event pane.

Summary pane: Select an event within the Debug Event pane to display its associated values within this pane. For example, the NCD window above shows a query being returned. Because it's selected in the Debug Event pane, the query data displays in the Summary pane.

Help button: Use this button to get information about how to use the NCD.

Filters pane button: Use this pane to filter out client-side and server-side events from displaying in the NCD. Filters are useful when trying to isolate a problem that is appearing in specific events.

Preferences pane button: Use this pane to select settings for the NCD. For performance reasons the NCD allows you to control the amount of resources used. The default event memory limit is 500 kb with 25 events. Increase these values if your events are truncated.

USING THE TRACE METHOD

The trace() method is a quick way to to see what's happening during certain events in your code. You can pass any variable to the trace() method. For example, you can use it to dynamically store a query's record count.

Enter the trace() method directly in ActionScript. When you run a movie that includes the trace() method, the Macromedia Flash MX Output window displays trace information. Because the trace() method is a NetServices method, you don't need to include the NetDebug.as class in a movie's ActionScript to use it.

The trace() method in the ActionScript below is being used to debug three different events:

if (isGatewayOpen == null) {
// do this code only once
isGatewayOpen = true;
trace("isGatewayOpen has been set to true");
var myURL = "http://127.0.0.1:8500/flashservices/gateway";
NetServices.setDefaultGatewayUrl(myURL);
trace("setDefaultGatewayURL = " + myURL);
gatewayConnnection = NetServices.createGatewayConnection();
parkService = gatewayConnnection.getService
("flashremoting.NationalPark.cfc.ParkService",this);
trace("parkService has been connected");
}

When this movie runs, the Output pane displays the following:

ADDITIONAL INFORMATION

See the Macromedia Flash Remoting Release Notes to learn more about features and functionality.

Last updated:August 16, 2002
Created:July 3, 2002



출처 : www.adobe.com


Trackback 0 Comment 0
2013. 9. 30. 19:57

ClamAV 0.98 has been released!



ClamAV 0.98 includes many new features, across many different components
of ClamAV. There are new scanning options, extensions to the libclamav API,
support for additional filetypes, and internal upgrades.

- Signature improvements: New signature targets have been added for
PDF files, Flash files and Java class files. (NOTE: Java archive files
(JAR) are not part of the Java target.) Hash signatures can now specify
a '*' (wildcard) size if the size is unknown. Using wildcard size
requires setting the minimum engine FLEVEL to avoid backwards
compatibility issues. For more details read the ClamAV Signatures
guide.
- Scanning enhancements: New filetypes can be unpacked and scanned,
including ISO9660, Flash, and self-extracting 7z files. PDF
handling is now more robust and better handles encrypted PDF files. 
- Authenticode: ClamAV is now aware of the certificate chains when
scanning signed PE files. When the database contains signatures for
trusted root certificate authorities, the engine can whitelist
PE files with a valid signature. The same database file can also
include known compromised certificates to be rejected! This
feature can also be disabled in clamd.conf (DisableCertCheck) or
the command-line (nocerts). 
- New options: Several new options for clamscan and clamd have been
added. For example, ClamAV can be set to print infected files and
error files, and suppress printing OK results. This can be helpful
when scanning large numbers of files. This new option is "-o" for
clamscan and "LogClean" for clamd. Check clamd.conf or the clamscan
help message for specific details. 
- New callbacks added to the API: The libclamav API has additional hooks
for developers to use when wrapping ClamAV scanning. These function
types are prefixed with "clcb_" and allow developers to add logic at
certain steps of the scanning process without directly modifying the
library. For more details refer to the clamav.h file. 
- More configurable limits: Several hardcoded values are now configurable
parameters, providing more options for tuning the engine to match your
needs. Check clamd.conf or the clamscan help message for specific
details. 
- Performance improvements: This release furthers the use of memory maps
during scanning and unpacking, continuing the conversion started in
prior releases. Complex math functions have been switched from
libtommath to tomsfastmath functions. The A/C matcher code has also
been optimized to provide a speed boost. 
- Support for on-access scanning using Clamuko/Dazuko has been replaced
with fanotify. Accordingly, clamd.conf settings related to on-access
scanning have had Clamuko removed from the name. Clamuko-specific
configuration items have been marked deprecated and should no longer
be used.


There are also fixes for other minor issues and code quality changes. Please
see the ChangeLog file for details.

--
The ClamAV team (http://www.clamav.net/team)


Trackback 0 Comment 0
2013. 2. 14. 18:50

Adobe Flash 및 Shockwave Player 취약점 업데이트

개요

  • Adobe社는 Adobe Flash 및 Shockwave Player에 영향을 주는 코드실행 취약점을 해결한 보안 업데이트를 발표[1][2]
  • 낮은 버전의 Adobe Flash 및 Shockwave Player 사용으로 악성코드 감염 등의 사고가 발생할 수 있으므로 해결방안에 따라 최신버전으로 업데이트 권고


설명

  • Adobe社는 Adobe Flash Player의 17개 취약점을 해결한 보안 업데이트를 발표[1]
    • 코드실행으로 이어질 수 있는 버퍼오버플로우 취약점 (CVE-2013-1372, CVE-2013-0645, CVE-2013-1373, CVE-2013-1369, CVE-2013-1370, CVE-2013-1366, CVE-2013-1365, CVE-2013-1368, CVE-2013-0642, CVE-2013-1367)
    • 코드실행으로 이어질 수 있는 “use-after-free” 취약점 (CVE-2013-0649, CVE-2013-1374, CVE-2013-0644)
    • 코드실행으로 이어질 수 있는 정수형 오버플로우 취약점 (CVE-2013-0639)
    • 코드실행으로 이어질 수 있는 메모리 손상 취약점 (CVE-2013-0638, CVE-2013-0647)
    • 정보 유출로 이어질 수 있는 취약점 (CVE-2013-0637)
  • Adobe社는 Adobe Shockwave Player의 2개 취약점을 해결한 보안 업데이트를 발표[2]
    • 코드실행으로 이어질 수 있는 메모리 손상 취약점 (CVE-2013-0635)
    • 코드실행으로 이어질 수 있는 스텍 오버플로우 취약점 (CVE-2013-0636)


해당 시스템

  • 영향 받는 소프트웨어
    • 윈도우 및 Mac 환경에서 동작하는 Adobe Flash Player 11.5.502.149 및 이전 버전
    • 리눅스 환경에서 동작하는 Adobe Flash Player 11.2.202.262 및 이전 버전
    • 안드로이드 4.x 환경에서 동작하는 Adobe Flash Player 11.1.115.37 및 이전 버전
    • 안드로이드 3.x, 2.x 환경에서 동작하는 Adobe Flash Player 11.1.111.32 및 이전 버전
    • 구글 크롬브라우저 환경에서 동작하는 Adobe Flash Player 11.5.31.139 및 이전 버전
    • 윈도우8, 인터넷익스플로러10 환경에서 동작하는 Adobe Flash Player 11.3.379.14  및 이전 버전
    • 윈도우 및 Mac 환경에서 동작하는 Adobe AIR 3.5.0.1060 및 이전 버전
    • Adobe AIR 3.5.0.1060 SDK 버전
    • 안드로이드 환경에서 동작하는 Adobe AIR 3.5.0.1060 및 이전 버전
    • 윈도우 및 Mac 환경에서 동작하는 Adobe Shockwave Player 11.6.8.638 및 이전 버전


해결방안

  • 윈도우, Mac, 리눅스 환경의 Adobe Flash Player 사용자
    • Adobe Flash Player Download Center(http://get.adobe.com/kr/flashplayer/)에 방문하여 Adobe Flash Player 최신 버전을 설치하거나, 자동 업데이트를 이용하여 업그레이드
  • 윈도우8 버전에서 동작하는 인터넷익스플로러10 버전 사용자
    • 윈도우 자동업데이트 적용
  • 안드로이드 환경의 Adobe Flash Player 사용자
    • Adobe Flash Player가 설치된 안드로이드 폰에서 ‘구글 플레이 스토어’ 접속 → 메뉴 선택 → 내 애플리케이션 선택 → Adobe Flash Player 안드로이드 최신 버전으로 업데이트 하거나 자동업데이트를 허용하여 업그레이드
  • 구글 크롬브라우저 사용자
    • 크롬브라우저 자동업데이트 적용
  • 윈도우, Mac 환경의 Adobe AIR 사용자
    • Adobe AIR Download Center(http://get.adobe.com/kr/air/)에 방문하여 Adobe AIR 최신 버전을 설치하거나, 자동 업데이트를 이용하여 업그레이드
  • Adobe AIR SDK 사용자
  • 안드로이드 환경의 Adobe AIR 사용자
    • Adobe AIR가 설치된 안드로이드 폰에서 ‘구글 플레이 스토어’ 접속 → 메뉴 선택 → 내 애플리케이션 선택 → Adobe AIR 안드로이드 최신 버전으로 업데이트 하거나 자동업데이트를 허용하여 업그레이드
  • 윈도우, Mac 환경의 Adobe Shockwave Player 사용자
    • Adobe Download Center(http://get.adobe.com/shockwave/)에 방문하여 최신 버전을 설치하거나 자동 업데이트를 이용하여 업그레이드


용어 정리

  • Adobe Flash Player : Adobe社에서 개발한 소프트웨어로 웹상에서 멀티미디어 컨텐츠 및 응용 프로그램을 볼 수 있는 프로그램
  • Adobe Shockwave Player : 웹브라우저에 플러그인 형태로 설치되는 멀티미디어 재생을 위한 플레이어
  • Adobe AIR(Adobe Integrated Runtime): HTML, JavaScript, Adobe Flash 및 ActionScript를 사용하여 브라우저의 제약 없이 독립 실행형 모바일 및 데스크탑 웹 애플리케이션을 구축하거나 사용할 수 있는 환경을 제공하는 도구
  • Use After Free 취약점 : 소프트웨어 구현 시 동적 혹은 정적으로 할당된 메모리를 해제했음에도 불구하고 이를 계속 참조(사용)하여 발생하는 취약점


기타 문의사항

  • 한국인터넷진흥원 인터넷침해대응센터: 국번없이 118

[참고사이트]

[1] http://www.adobe.com/support/security/bulletins/apsb13-05.html


Trackback 1 Comment 0