| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANDsws0PJvyecB4icAuiDxztRcT57x_iho0ubdV4PuSZaL-kwQ@mail.gmail.com> Date: Mon, 14 Jul 2014 20:15:56 +0500 From: Rafay Baloch <rbsoulhunter17@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Puffin Web Browser Address Bar Spoofing Vulnerability puts Millions of users at risk Greetings, I have discovered an address bar spoofing vulnerability inside of Puffin Web browser which has user base of more than 10 million Google play and Mobo genie combined. (Just for android). A detailed writeup and a video demonstration and POC is available here: http://www.rafayhackingarticles.net/2014/07/puffin-web-browser-address-bar-spoofing.html -- Warm Regards, Rafay Baloch http://rafayhackingarticles.net _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists