lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <9A4011D3AB49428EA2C41CB5759E53BC@acros.si>
Date: Wed, 4 Jan 2012 15:27:11 +0100
From: "ACROS Security Lists" <lists@...os.si>
To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk>,
  <cert@...t.org>, <si-cert@...es.si>
Subject: Google Chrome HTTPS Address Bar Spoofing


Google awarded one of our security researchers a Chromium Security Reward for an
HTTPS address bar spoofing bug in Chrome 14 and 15 (although it may be present in
older versions too). The bug was fixed in Chrome 16, most browsers seem to be updated
and we're happy to share technical details with the research community.

http://blog.acrossecurity.com/2012/01/google-chrome-https-address-bar.html

or

http://bit.ly/wt9qXs

Enjoy the reading!


Mitja Kolsek, CEO

ACROS, d.o.o.
Makedonska ulica 113, SI - 2000 Maribor, Slovenia
Tel +386.2.3000.280  Fax +386.2.3000.282
Web http://www.acrossecurity.com
Blg http://blog.acrossecurity.com  Twt @acrossecurity

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do
 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ