Posts tagged 'Bounty Podcast'

179 - Client-Side Path Traversal and Hiding Your Entitlement(s)

This week kicks off with another look at client-side path traversal attacks, this time with some more case-studies. Then we get into some mobile issues, one a cool desync between DER processors resulting in an iOS privilege escalation. The other a Bundle processing issue in Android that provides an almost use-after-free like primitive but in Java.
 
1
2
3
4
5
6