FROC2010 Abstract Byrne2
Revision as of 21:05, 12 May 2010 by Dc
The Presentation: "Beware of Serialized GUI Objects Bearing Data"
A recently discovered view state vulnerability in Apache MyFaces and Sun Mojarra allows an attacker to access all server-side session data, as well as some globally-scoped application variables. The technical details of the vulnerability will be explained and a live demonstration will be performed. A similar vulnerability will also be demonstrated in Microsoft's ASP.NET.