Blackhat talk: Language of Trust aka Attacking Interoperability by Mark Dowd, Ryan Smith and David Dewey
July 30th, 2009
No comments
Interoperability is everywhere in browsers Java <-> VBScript, VBscript <-> .NET, .NET <-> Javascript, Javascript <-> DOM etc. This interoperability presents a large attack surface, which is up to now where not well explored.
There is a lot of code involved converting types between various languages.