[Back]


Contributions to Proceedings:

M. Neugschwandtner, M. Lindorfer, Ch. Platzer:
"A View to a Kill: WebView Exploitation";
in: "USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)", USENIX, 2013.



English abstract:
WebView is a technique to mingle web and native
applications for mobile devices. The fact that its main incentive
requires making data stored on, as well as the functionality of
mobile devices, directly accessible to active web content, is not
without consequences to security.
In this paper, we present a threat scenario that targets
WebView apps and show its practical applicability in a case study
of selected apps. We further show results of our examination of
over 287,000 apps in regard to WebView-related vulnerabilities.


Electronic version of the publication:
http://publik.tuwien.ac.at/files/PubDat_223415.pdf