Beiträge in Tagungsbänden:
M. Neugschwandtner, M. Lindorfer, Ch. Platzer:
"A View to a Kill: WebView Exploitation";
in: "USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)",
USENIX,
2013.
Kurzfassung englisch:
WebView is a technique to mingle web and native
applications for mobile devices. The fact that its main incentive
requires making data stored on, as well as the functionality of
mobile devices, directly accessible to active web content, is not
without consequences to security.
In this paper, we present a threat scenario that targets
WebView apps and show its practical applicability in a case study
of selected apps. We further show results of our examination of
over 287,000 apps in regard to WebView-related vulnerabilities.
Elektronische Version der Publikation:
http://publik.tuwien.ac.at/files/PubDat_223415.pdf
Erstellt aus der Publikationsdatenbank der Technischen Universität Wien.