Browser exploit
A browser exploit is a form of malicious code that takes advantage of a flaw or vulnerability in an operating system or piece of software with the intent to alter a user's browser settings without their knowledge. Malicious code may exploit ActiveX, HTML, images, Java, JavaScript, and other Web technologies and cause the browser to run arbitrary code.


Users whose web browsers have fallen victim to a successful browser exploit may find that their homepage, search page, and/or favorites have been changed. Other signs include Internet settings options within the browser being altered, access to specific functions being blocked, and the redirection of incorrectly typed URL prefixes.
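
As an added illustration (not part of the original article), the signs above can be checked by diffing a browser's current preferences against a known-good baseline. The sketch assumes Firefox-style `prefs.js` files; the watched preference prefixes and the sample data are assumptions chosen for the example.

```python
import json
import re
# Firefox-style prefs.js line: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')
# Assumed watch list: preference prefixes mapped to the signs listed above.
WATCHED = {
    "browser.startup.": "homepage changed",
    "browser.search.": "search page changed",
    "keyword.": "search page changed",
    "browser.fixup.": "typed-URL prefix redirection",
    "network.proxy.": "Internet settings altered",
}

def parse_prefs(text):
    """Return {name: value} for every well-formed user_pref line."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if m:  # skips comments, blank lines and malformed entries
            try:
                prefs[m.group(1)] = json.loads(m.group(2))
            except json.JSONDecodeError:
                prefs[m.group(1)] = m.group(2)  # keep raw text if not JSON
    return prefs

def diff_watched(baseline_text, current_text):
    """List (sign, pref, old, new) for watched prefs that differ from baseline."""
    old, new = parse_prefs(baseline_text), parse_prefs(current_text)
    findings = []
    for name in sorted(set(old) | set(new)):
        sign = next((s for p, s in WATCHED.items() if name.startswith(p)), None)
        if sign and old.get(name) != new.get(name):
            findings.append((sign, name, old.get(name), new.get(name)))
    return findings

# Constructed sample data, not taken from a real profile.
BASELINE = '''
// Mozilla User Preferences
user_pref("browser.startup.homepage", "https://intranet.example/");
user_pref("network.proxy.type", 0);
user_pref("browser.tabs.warnOnClose", false);
'''
CURRENT = '''
user_pref("browser.startup.homepage", "http://search.invalid/?ref=hp");
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "127.0.0.1");
'''
if __name__ == "__main__":
    print(diff_watched(BASELINE, CURRENT))
```

Preferences outside the watch list are ignored, so a removed or changed unrelated setting does not raise a finding.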


There are multiple ways users can protect their web browsers from falling victim to a browser exploit. These include installing firewall software, keeping software updated, being cautious when downloading files, and not opening email attachments from unknown sources.


A Browser Exploitation Framework (BeEF) could be used to attack browsers in real time.

See also

  • Comparison of web browser vulnerabilities

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.