Bugtraq mailing list archives
Cross-Site History Manipulation (XSHM)
From: "Alex Roichman" <Alexr () Checkmarx com>
Date: Sun, 31 Jan 2010 09:47:38 +0200
Checkmarx Research Labs has identified a new critical vulnerability in Internet Explorer (other browsers are probably exposed the same way) that would allow hackers to easily compromise web applications. Cross-Site History Manipulation (XSHM) is a newly discovered zero-day attack: attackers may have been using it for a long time, but the application and security communities do not know it. To help major browsers or application developers stop the proliferation of this exploit, Checkmarx has published a guide to identify and remediate the vulnerability. It can be downloaded at http://www.checkmarx.com/CxDownloadRequest.aspx?id=8 A POC for IE and Facebook users can be seen here: http://www.checkmarx.com/Demo/XSHM.aspx In this page, an attacker can easily detect whether a user is currently authenticated to the Facebook application. Interested parties will be able to detect XSHM in samples of their application by using a free download version of the product. Thanks, Alex Roichman Chief Architect and head of Research labs, Checkmarx Ltd. Securitylabs () checkmarx com
Current thread:
- Cross-Site History Manipulation (XSHM) Alex Roichman (Feb 01)
- Re: Cross-Site History Manipulation (XSHM) Michal Zalewski (Feb 01)