Summary

In addition to ActiveX, many technologies are prone to repurposing attacks. Some requests for external data (such as SQL statements and SOAP requests) can be harmful if an attacker can coerce a victim into making requests the attacker specifies. In some cases, the request for external data isn't harmful, but the ability to store that data through repurposing can give an attacker access to privileged information. Because messages in the Windows operating system can be sent to any application, these messages can also be repurposed. Sometimes a repurposing attack is prevented or mitigated in the client; other times it is prevented on the server receiving the potentially repurposed data. Sometimes an attack isn't prevented at all. Using the tips in this chapter, you can help identify these issues and ensure they are correctly fixed.



Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
Year: 2004
Pages: 156
