This site uses cookies to improve your experience. By viewing our content, you are accepting the use of cookies. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country we will assume you are from the United States. View our privacy policy and terms of use.

Sat.Sep 25, 2010 - Fri.Oct 01, 2010

article thumbnail

IE8 CSS-based forced tweeting

Scary Beasts Security

SEPTEMBER 29, 2010

A few weeks back, I published a demo that uses a serious Internet Explorer cross-origin violation to permit a malicious web page to force the visitor to make unwarranted tweets: [link] The post was light on technical details of how the attack works, so they will be filled in below. In addition, I'll quickly take care of the FAQ: Q) Does this attack affect earlier versions of Internet Explorer, such as IE6?

Internet 50
Internet Internet Accountability 50
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 

Stay Connected

Join 29,000+ Insiders by signing up for our newsletter

About
About
Editions
Editions
Topics
Powered by Aggregage | Terms and Conditions | Your California Rights and Privacy Policy
© Aggregage 2024