https://community.sap.com/t5/application-development-and-automation-discussions/exploits-java-script-flash-activex-sap-principles-found-where/m-p/6411454#M1407951 <HTML><HEAD></HEAD><BODY><P>Hi people!</P><P></P><P>SAP releases support for rich Web Browser applications in Web Dynpro (Flash).</P><P>The use of the Web Browser as FrontEnd in Business transactions will grow in the future.</P><P></P><P>Every week we read of new exploits in applications that enriches the Web Browsers.</P><P>It could be Java Script, Flash or ActiveX. Like this for example:</P><P><A href="http://www.computerworld.com/s/article/9140768/Flash_flaw_puts_most_sites_users_at_risk_say_researchers" target="test_blank">http://www.computerworld.com/s/article/9140768/Flash_flaw_puts_most_sites_users_at_risk_say_researchers</A></P><P></P><P>Some exploits has over the years been so severe that users have been recommended to deactivate the application until a solution is delivered.</P><P></P><P>If we are dependent of the Web Browser application for important Business Transactions it becomes more problematic to deactivate it.</P><P></P><P><STRONG>I am looking for information around this area.</STRONG> I have not found anything in SAPNet or SDN, but I have some problems knowing where to look. I have not found this aspect somewhere. </P><P></P><P>If you have information of official documents or URLs, please provide it in this thread.</P><P></P><P>Cheers,</P><P>Lasse</P></BODY></HTML> Wed, 18 Nov 2009 10:50:56 GMT Former Member 2009-11-18T10:50:56Z https://community.sap.com/t5/application-development-and-automation-discussions/exploits-java-script-flash-activex-sap-principles-found-where/m-p/6411454#M1407951 <HTML><HEAD></HEAD><BODY><P>Hi people!</P><P></P><P>SAP releases support for rich Web Browser applications in Web Dynpro (Flash).</P><P>The use of the Web Browser as FrontEnd in Business transactions will grow in the future.</P><P></P><P>Every week we read of new exploits in applications that enriches the Web Browsers.</P><P>It could be Java Script, Flash or ActiveX. Like this for example:</P><P><A href="http://www.computerworld.com/s/article/9140768/Flash_flaw_puts_most_sites_users_at_risk_say_researchers" target="test_blank">http://www.computerworld.com/s/article/9140768/Flash_flaw_puts_most_sites_users_at_risk_say_researchers</A></P><P></P><P>Some exploits has over the years been so severe that users have been recommended to deactivate the application until a solution is delivered.</P><P></P><P>If we are dependent of the Web Browser application for important Business Transactions it becomes more problematic to deactivate it.</P><P></P><P><STRONG>I am looking for information around this area.</STRONG> I have not found anything in SAPNet or SDN, but I have some problems knowing where to look. I have not found this aspect somewhere. </P><P></P><P>If you have information of official documents or URLs, please provide it in this thread.</P><P></P><P>Cheers,</P><P>Lasse</P></BODY></HTML> Wed, 18 Nov 2009 10:50:56 GMT https://community.sap.com/t5/application-development-and-automation-discussions/exploits-java-script-flash-activex-sap-principles-found-where/m-p/6411454#M1407951 Former Member 2009-11-18T10:50:56Z https://community.sap.com/t5/application-development-and-automation-discussions/exploits-java-script-flash-activex-sap-principles-found-where/m-p/6411455#M1407952 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I'm not 100% sure if this will help, but you could have a look at two places:</P><P><STRONG>SAP Security Guides</STRONG>: [https://websmp210.sap-ag.de/securityguide]</P><P></P><P> There are security guides for all applications / installations giving recommendations on how to secure the systems.</P><P></P><P><STRONG>SAP Security notes</STRONG>: [https://websmp102.sap-ag.de/securitynotes]</P><P>These SAP OSS notes describe security issues in various SAP components including web applications. On monthly basis security issues and their solutions are published here</P><P></P><P>Kind regards</P><P>Maaike</P></BODY></HTML> Wed, 28 Dec 2011 10:26:45 GMT https://community.sap.com/t5/application-development-and-automation-discussions/exploits-java-script-flash-activex-sap-principles-found-where/m-p/6411455#M1407952 Former Member 2011-12-28T10:26:45Z