AOH :: HP Unsorted C :: VA1777.HTM

countermeasure against attacks through HTML shared files



countermeasure against attacks through HTML shared files
countermeasure against attacks through HTML shared files



Hello,

I wanted to announce a Pomcor white paper that
looks at attacks through HTML shared files in Web
applications and proposes a countermeasure.  These
are essentially XSS attacks, but the usual
defenses against XSS are typically not available,
because shared files cannot be sanitized.

The paper is available at:

http://www.pomcor.com/whitepapers/file_sharing_security.pdf 

I have not been able to find much prior work.
What I've found is discussed in Section 2 of the
paper.  If I've missed something, please let me
know.

Thanks,

Francisco Corella




The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.