PPT Slide

Web-based firewall bypass

Postscript vulnerability in "secure" browsers

Demonstrated in mid-'95 in "self-tests"

Offered to NSA for demonstration in late '95

Demonstrated in all.net tests in '96

firewall

browser

victims

Evil.Com

send .ps file

http://evil.com/

.ps file interpreted corrupts browser

new executable on browser attacks site

Previous slide Next slide Back to first slide View graphic version