Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense

by Adam Barth , Joel Weinberger , Dawn Song

Citations:

13 - 3 self

Datum	Value	Source
TITLE	Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense	SVM HeaderParse 0.2
AUTHOR NAME	Adam Barth	SVM HeaderParse 0.2
AUTHOR AFFIL	UC Berkeley	SVM HeaderParse 0.2
AUTHOR NAME	Joel Weinberger	SVM HeaderParse 0.2
AUTHOR AFFIL	UC Berkeley	SVM HeaderParse 0.2
AUTHOR NAME	Dawn Song	SVM HeaderParse 0.2
AUTHOR AFFIL	UC Berkeley	SVM HeaderParse 0.2
ABSTRACT	We identify a class of Web browser implementation vulnerabilities, cross-origin JavaScript capability leaks, which occur when the browser leaks a JavaScript pointer from one security origin to another. We devise an algorithm for detecting these vulnerabilities by monitoring the “points-to ” relation of the JavaScript heap. Our algorithm finds a number of new vulnerabilities in the opensource WebKit browser engine used by Safari. We propose an approach to mitigate this class of vulnerabilities by adding access control checks to browser JavaScript engines. These access control checks are backwardscompatible because they do not alter semantics of the Web platform. Through an application of the inline cache, we implement these checks with an overhead of 1–2 % on industry-standard benchmarks. 1	SVM HeaderParse 0.2
CITATIONS	17 found	ParsCit 1.0