[ISN] Android browser flaw found to leak data

October 3, 2014 Lawrence Pingree

http://www.csoonline.com/article/2690910/application-security/android-browser-flaw-found-to-leak-data.html By Antone Gonsalves CSO Oct 2, 2014 A security researcher has found another flaw in the Android browser that a cybercriminal could use to steal sensitive data. The latest same-origin policy (SOP) bypass vulnerability is the second discovered by researcher Rafay Baloch, who discovered the first, CVE-2014-6041, last month. The vulnerability is in how Javascript is handled by the Android function responsible for loading frame URLs. The SOP is supposed to prevent JavaScript from one Web page accessing content from another page. However, the flaw enables that barrier to be bypassed, so an attacker can read the content of browser tabs, when the user visits a page controlled by the attacker. […]

Tags: able, application, com, content, cyber, data, Law, Security, use, vulnerability

Advanced & Persistent Security

This popup will close in:

Buy a copy of my book!

This management book focuses on the crucial knowledge you'll need to become a great manager and leader. It will teach you the important management and leadership skills so others will call you "great"!

Order a Copy Now

M	T	W	T	F	S	S
« Sep				Nov »
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31