RB2: OWASP Day podcast: Exploiting Firefox extensions
Start the discussion
0 Comments
August 21, 2009 --
In this special interview you'll hear our New Zealand correspondent Paul Craig interviewing Security-Assessment.com's Roberto Suggi Liverani and Nick Freeman discuss their research into exploiting Firefox extensions.
These guys were doing a review of a large web application and evaluation of a related firefox extension was in scope.
Skype extensions, search toolbars -- all those extensions that people routinely install into their browsers, well, it turns out a lot of them are buggy as hell and these two have figured out how to exploit these little suckers, and at best guess, there's around 30 million boxes out there vulnerable to the extension bugs they've identified.
User login
Recent podcasts
-
"Mostly pointless" research yields interesting results...
-
All your patchings are belong to big vendors...
-
An interview with IT lawyer Erhan Karabardak...
-
Has much changed in 10 years?
-
When can the feds demand your encryption keys?
Hosted by:
Recent comments
5 days 22 hours ago
1 week 1 day ago
1 week 1 day ago
1 week 2 days ago
2 weeks 12 hours ago
2 weeks 17 hours ago
2 weeks 18 hours ago
2 weeks 4 days ago
2 weeks 4 days ago
2 weeks 4 days ago