![]() Mike Ter Louw, Jin Soon Lim, and VN Venkatakrishnan. ![]() The privacy practices of web browser extensions. David M Martin Jr, Richard M Smith, Michael Brittain, Ivan Fetch, and Hailin Wu.In Network and Distributed System Security Symposium (NDSS), 2012. Chrome extensions: Threat analysis and countermeasures. Lei Liu, Xinwen Zhang, Guanhua Yan, and Songqing Chen.Exploiting cross context scripting vulnerabilities in firefox. XSS Attacks: Cross Site Scripting Exploits and Defense. Seth Fogie, Grossman J, Robert Hansen, Rager A, and Petko D Petkov.In Proceedings of the 19th USENIX conference on Security, pages 23-23. Securing script-based extensibility in web browsers. Firefox add-on spies on google search results. \_addons\_developer\_guide/Technologies\_used\_in\_developing\_extensions. Technologies used in developing extensions.This paper is supported by proof-of-concept add-ons which are developed by exploiting the weakness in Firefox add-on coding. We explain how Firefox insecure policies and Java script based extensions can be abused by an attacker for malicious purposes. Second, we discuss about various vulnerable points of attack in browser extensible model which are not yet addressed by browser developers. ![]() First, it describes the attack vectors which are used by attacker during extension based browser attacks. Although well-intentioned, extension developers are often not security experts and write vulnerable code that can introduce a security hole through which an attacker can penetrate a victim user's browser and steal the user's sensitive information. These extensions enhance the core functionality of browser and provide customization to it. The new unforeseen functionalists may be added to the web browsers in the form of extensions. A Web browser is an important component of every computer system as it provides the interface to the Internet world.
0 Comments
Leave a Reply. |