This is Roee Hay's Typepad Profile.
Join Typepad and start following Roee Hay's activity
Join Now!
Already a member? Sign In
Roee Hay
Recent Activity
Image
Recently we discovered a very interesting vulnerability in Android’s DNS resolver, a weakness in its pseudo-random number generator (PRNG), which makes DNS poisoning attacks feasible. DNS poisoning attacks endanger the confidentiality and integrity of the target victim’s machine. For instance,... Continue reading
Posted Jul 24, 2012 at IBM Application Security Insider
Why wouldn't they be able to?
They've hardened the file permissions of the journal file (patch is available on AOSP).
Recently we detected a security vulnerability in Android’s SQLite engine which can be exploited by a non-privileged application in order to disclose sensitive information. It enables a malicious application to eavesdrop on database activities performed by any other application using... Continue reading
Posted May 3, 2012 at IBM Application Security Insider
Today we are releasing a very interesting whitepaper which describes a DNS poisoning attack against stub resolvers. It discloses two vulnerabilities: A vulnerability in Java (CVE-2011-3552, CVE-2010-4448) which enables remote DNS poisoning using Java applets. This vulnerability can be triggered... Continue reading
Posted Oct 18, 2011 at IBM Application Security Insider
We have identified that Dolphin Browser HD is also vulnerable to Cross-Application Scripting, by using the same attack vector as of the Android Browser vulnerability we disclosed last month. This vulnerability can be exploited by a non-privileged application in order... Continue reading
Posted Sep 20, 2011 at IBM Application Security Insider
Recently we detected a security vulnerability in Opera Mobile for Android which can be exploited by a non-privileged application in order to inject JavaScript code into the context of any domain; therefore, this vulnerability has the same implications as global... Continue reading
Posted Sep 20, 2011 at IBM Application Security Insider
Recently we detected a security vulnerability in Android’s Browser which can be exploited by a non-privileged application in order to inject JavaScript code into the context of any domain; therefore, this vulnerability has the same implications as global XSS, albeit... Continue reading
Posted Aug 2, 2011 at IBM Application Security Insider
Hey, Recently Yair Amit and I have discovered a Cross-Application Scripting (CAS) vulnerability in Babylon which can lead to Remote Code Execution. The advisory can be downloaded here. A video which demonstrates the issue: We would like to thank the... Continue reading
Posted Nov 10, 2010 at IBM Application Security Insider