This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

August, 2010

article thumbnail

Internet Explorer considered harmful

Scary Beasts Security

AUGUST 4, 2010

Now that this paper is officially public, the full story of CSS-based cross-origin theft can come out. (As an aside I'd like to note that I contributed little other than review to the paper so credit must go to the other named individuals). For background reading, see my Dec 2009 original post and an update that notes Firefox fixing the issue. In the original post, I state two mitigating factors that prevent the attack being very serious: the fact that quotes and particularly newlines stop the a

Internet 50
Internet Internet Accountability Software 50
article thumbnail

Identifying internet explorer user with a smb query

Elie

AUGUST 11, 2010

Internet Explorer privacy is flawed. This blog post shows how to abuse SMB query to force Internet explorer to disclose windows username, domain and version even while in private mode or using an HTTP proxy. Proof of concept included.

Internet 48
Internet Internet 48
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 28,000+ Insiders by signing up for our newsletter

About
About
Editions
Editions
Topics
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024