SEARCH RESULTS
 
Showing 1-10 of 27 records
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...parameters is vulnerable to reflected XSS. With a vulnerable application, an attacker can craft a malicious URL and send it to the victim via email or any other mode of communication. When the victim visits the tampered link, the page is loaded along with the injected script that is executed in the context of the victim's session The general...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

Scrawlr: Are We Being Too Greedy?

2008-06-25 16:19:45 by Chris Eng in Zero in a bit
 
...Parameters This is probably the toughest one to swallow. Its not that difficult to parse out forms from HTML, and form POSTs can represent a major chunk of the attack surface. Granted, the Chinese tool associated with the mass attacks did operate solely on GET requests (i.e. parameters in the query string) so HP can defend this again by...
 
Tags: sql injection, sql injection scanners, sql injection vulnerabilities, blind, blind sql injection, scrawlr, tool, free tool, mass attacks
 
 
 
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...parameters is vulnerable to reflected XSS. With a vulnerable application, an attacker can craft a malicious URL and send it to the victim via email or any other mode of communication. When the victim visits the tampered link, the page is loaded along with the injected script that is executed in the context of the victim's session The general...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...parameters is vulnerable to reflected XSS. With a vulnerable application, an attacker can craft a malicious URL and send it to the victim via email or any other mode of communication. When the victim visits the tampered link, the page is loaded along with the injected script that is executed in the context of the victim's session The general...
 
Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check
 
 
 
 
Expand article

Anti-Debugging Series - Part III

2009-01-07 20:54:48 by Tyler Shields in Zero in a bit
 
...parameters, the first two of which are the most interesting to our anti-debugging efforts. The first parameter is a HANDLE to the target process that we wish to interrogate. Since we are trying to determine information about our own process, we will use a HANDLE that points to ourselves. By default, a HANDLE value of -1 will instruct the...
 
Tags: api based, api, api calls, function, function call takes, pointer, function pointer, call, function prototype
 
 
 
 
Expand article

An Option with a Negative Implied Volatility?

2006-08-14 06:27:00 by Jomni in Risk Management Quant
 
...parameters and a model or formula, it is indeed possible to have negative results. But does it make sense? Intuitively, we would think that the volatility measure should only be positive and it does not make sense if negative. I think negative implied vols are a result of either a misspecification in the model, or mispricing by the market (an...
 
Tags: negative, negative results, market, market parameters, volatility measure, model, subject matter, option, arbitrage opportunity
 
 
 
 
Expand article

On virtualisation

2007-05-29 16:20:00 by Niels Provos in Google Online Security Blog
 
...parameters for the operation, this could lead to an attacker compromising the virtual machine process. While you would typically require root (or equivalent) privileges in the guest to interact with a device at the low level required, device drivers will often offload the parameter checking required onto the hardware, so in theory an...
 
Tags: machine, virtual machine process, virtual machine software, host machine, host, software, virtual machine, low, low level access
 
 
 
 
Expand article

Skype Clarifies: The Bug Has Been Fixed

2007-08-22 12:54:28 by Editor in Cheap Hack
 
...parameters of the P2P network have been tuned to be smarter about how similar situations should be handled. Once we found the algorithmic fix to ensure continued operation in the face of high numbers of client reboots, the efforts focused squarely on stabilising the P2P core. The fix means that we've tuned Skype's P2P core so that it can cope...
 
Tags: skype, tuned skype, p2p core, core, bug, similar situations, similar, fix, tuned
 
 
 
 
Expand article

Ethics of Autonomous Military Robots

2008-01-28 07:12:35 by schneier in Schneier on Security
 
...parameters that will ensure moral performance, should those norms be violated in any way, involving reflective and affective processing A means to make responsibility assignment clear and explicit for all concerned parties regarding the deployment of a machine with a lethal potential on its mission Over the next two years, this architecture...
 
Tags: ethical, ethical constraint set, ethical robotic warfighter, ethics, ethical boundaries, international protocols, war tradition subscribes, war, international
 
 
 
 
Expand article

My Princeton Experience and Optimism for Encryption

2008-02-26 05:56:00 by Patrick McGregor in Data Protection, Management and Leakage