_google-youtube-crossdomain-security-flaw.jpg "Google YouTube crossdomain security flaw from gmail login into my account Video Screenshot Preview")
GalleryPlay Video:
(Note: The default playback of the video is HD VERSION. If your browser is buffering the video slowly, please play the REGULAR MP4 VERSION or Open The Video below for better experience. Thank you!)
⏲ Duration: 61 sec
✓ Published: 19-Sep-2008
✓ Published: 19-Sep-2008
Description:
In doing some crossdomain.xml Flash research I noticed that YouTubes policy file trusted *.google.com. Theyve since removed it after I privately disclosed the following security flaw to Google. My idea was if an attacker could upload an arbitrary Flash movie (SWF) anywhere on the google.com domain they could leverage that trust. So if an authenticated YouTube user visited an attacker-controlled page anywhere on the Web, the attacker could SRC in the google.com hosted SWF, and use it compromise t
In doing some crossdomain.xml Flash research I noticed that YouTubes policy file trusted *.google.com. Theyve since removed it after I privately disclosed the following security flaw to Google. My idea was if an attacker could upload an arbitrary Flash movie (SWF) anywhere on the google.com domain they could leverage that trust. So if an authenticated YouTube user visited an attacker-controlled page anywhere on the Web, the attacker could SRC in the google.com hosted SWF, and use it compromise t
Share with your friends:
Whatsapp | Viber | Telegram | Line | SMS
Email | Twitter | Reddit | Tumblr | Pinterest
_how-to-log-into-your-gmail-account.webp "Insider Tech")
_logging-into-gmail.webp "When The Bleep Are We Going to Use That!")
_realistic-doll-figure.webp "REALISTIC DOLL FIGURE Fondant Modeling Tutorial nMaster Course for Intermediate Cakers & Professionals ( Presented in English ) nnHello everyone!!I am So Pleased to present a great new fondant figure tutorial called “Realistic Doll Figure”!!! This tutorial is Really Special because in it, I am going to take you DEEP into the process of nhow to make an mesmerizingly LIFE LIKE female fondant figure... nThese are skills that you will definitely want to add to your repertoire because they")
_how-to-login-to-another-gmail-account-on-mobile.webp "Trevor Nace")
_how-to-log-into-your-gmail-account.jpg)
_logging-into-gmail.jpg)
_realistic-doll-figure.jpg)
_how-to-login-to-another-gmail-account-on-mobile.jpg)
![[+]](/images/menu.gif){kind=small}