“…ActionScript security has been studied extensively in the past, including inconsistencies of security models of AS and JavaScript for cross-platform web contents [79], interaction between AS and DOM capability tokens [57], mitigation techniques for AS-based DNS rebinding [45] and ROP attacks [76], malicious Flash URL redirections [93], anomaly-based Flash malware detection [47,98], and lack of secure and airtight implementation of the AVM [91]. To our knowledge unlike our paper, no related work focuses on generating exploits for AS.…”