Security researcher Aditya Sood have discovered a flaw affecting Google's Chrome browser that exposes it to "clickjacking". ClickJacking is hard to trace in which an attacker hijacks a browser's functions by substituting a legitimate website link with attacker's links. The bug was disclosed at Insecure.org, bugtrack form.
According to the description, The Google chrome browser is vulnerable to clickjacking flaw.A
clickjacked page tricks a user into performing undesired actions by clicking on a concealed link. attackers can trick users into performing actions which the users never intended to do and there is no way of tracing such actions later, as the user was genuinely authenticated on the other page.
Bugtraq: Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability.
"Attackers can trick users into performing actions which the users never intended to do and there is no way of tracing such actions later, as the user was genuinely authenticated on the other page," Sood said within the disclosure.
Google acknowledges this vulnerability and already working on it.
Tags:
Thursday, January 29, 2009
ClickJacking Google Chrome!
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment