|
Hi
This paper exposes a new attack vector of testing web applications
having upload functionality.
It enhances the web application penetration testing perspective by
demonstrating a new way to
produce XSS in the web applications when a word document is rendered
directly in the browser.
This attack has been tested on number of enterprise web applications and
is successfully triggered.
The vendor have been given advisories in relation to this attack vector.
It works fine with custom
designed web applications in distributed environment.
Some time enhanced functionality in software leads to generation of new
attack vectors.
You can download the paper at:
http://www.secniche.org/paper.html
http://www.secniche.org/papers/SNS_09_01_Evad_Xss_Filter_Msword.pdf
Regards
Aditya K Sood
Founder , SecNiche Security
http://www.secniche.org