Wednesday, September 21, 2011

XSS in Skype iOS can steal your contacts

Phil Purviance was discovered last Sunday an XSS vulnerability in VoIP softwareSkype platforms IOS . The feat is to use the XSS to refuel. A hacker can use JavaScript commands when talking to the victim in question. It, not aware, is thus steal some information the address book listing all contacts.

In fact, with this XSS, a hacker can access all system files that the application itself is authorized to use. "Phew," Apple has a system application that runs in the  sandbox  is very little information retrieved by a computer hacker. But some data - including just the address book - do not run that way.
To show us behind the scenes, Purviance offers a video showing the process.

 Finally, one aspect is reassuring. Skype is aware of this flaw and is working hard to correct it.They also hope to make a security update as quickly as possible.


Post a Comment


Twitter Delicious Facebook Digg Stumbleupon Favorites More