An attacker is able to trick the victim into executing a Flash document
						that passes commands or calls to a Flash player browser plugin, allowing the
						attacker to exploit native Flash functionality in the client browser. This
						attack pattern occurs where an attacker can provide a crafted link to a
						Flash document (SWF file) which, when followed, will cause additional
						malicious instructions to be executed. The attacker does not need to serve
						or control the Flash document. The attack takes advantage of the fact that
						Flash files can reference external URLs. If variables that serve as URLs
						that the Flash application references can be controlled by through
						parameters, then by creating a link that includes values for those
						parameters, an attacker can cause arbitrary content to be referenced and
						possibly executed by the targeted Flash application.