Vulnerability Development mailing list archives
CSS implication
From: zero <zeroboy () arrakis es>
Date: Sat, 16 Mar 2002 14:38:44 +0100
Hi all,I'm working on a CSS paper, and I was wondering, what are the real implications of a CSS attack. When some site is vuln to a CSS problem, you're able to execute code on the web. I've thought about the implications of this. First of all:
- You can steal cookies from users
- You can send bogus links faking the original site: i.e
http://site/vuln.php?query=<script>...(faking vuln.php)...</script>
- You can download & launch activeX (possible to download and
execute trojans?)
Any more dangerous implications? mailto:zeroboy () arrakis es http://www.podergeek.com http://www.citfi.org **************************************************"The further backward you look, the further forward you can see" Winston Churchill
"Para ganar, hay gente que debe perder"
Current thread:
- CSS implication zero (Mar 16)
- Re: CSS implication Jeremiah Grossman (Mar 16)
- <Possible follow-ups>
- Re: CSS implication Frog Man (Mar 17)
- Re: CSS implication Bill Weiss (Mar 17)
- Re: CSS implication zero (Mar 17)
- Re: CSS implication Jeremiah Grossman (Mar 18)
- Re: CSS implication zero (Mar 18)
- Re: CSS implication Jeremiah Grossman (Mar 19)
- Re: CSS implication Sverre H. Huseby (Mar 23)
- Re: CSS implication Jeremiah Grossman (Mar 18)
- Re: CSS implication Arta (Mar 18)