For all those people who say browser vulnerabilities are no big deal, this iFrame can be used to steal information or host malware. This is a great example of why it is in fact a big deal if a website can exploit your browser. 90,000 sites on the web are hosting this site which is malicious...
Pwn2Own accepts browser exploits because they know that the web is a prolific attack vector and widespread XSS, SQL injection, and PHP worms can lead to high rates of hosted malware and thus high infection rates through browser based exploits.
This is a huge deal and I wish it the analysis in this article pointed out what the stakes are for XSS attacks and received more coverage. 90,000 sites + 1 IE, Safari, or Firefox exploit means potentially millions infected.
Discussion on:
Message 1 of 1
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
