FROC2010 Abstract Byrne2

Revision as of 21:05, 12 May 2010 by Dc

The Presentation: "Beware of Serialized GUI Objects Bearing Data"

A recently discovered view state vulnerability in Apache MyFaces and Sun Mojarra allows an attacker to access all server-side session data, as well as some globally-scoped application variables. The technical details of the vulnerabilities will be explained and a live demonstration will be performed. A similar vulnerability will also be demonstrated in Microsoft's ASP.NET.


The Speakers: David Byrne and Rohini Sulatycki, Trustwave