YoVDO

SVG - Exploiting Browsers without Image Parsing Bugs

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Computer Science Courses Web Development Courses Javascript Courses XML Courses Browser Exploitation Courses

Course Description

Overview

Explore the security implications of SVG in web browsers through this 24-minute Black Hat conference talk. Delve into the lesser-known aspects of SVG, including its ability to contain JavaScript and import external scripts and stylesheets. Understand why treating SVG like a simple image format such as JPEG can lead to significant security vulnerabilities. Learn how SVG's XML-based format for vector graphics, combined with its support for CSS styling and JavaScript manipulation, necessitates treating it with the same security considerations as HTML. Gain insights from speaker Rennie deGraaf on the potential risks and exploits associated with SVG in modern web browsers, and discover why proper security measures are crucial when handling this versatile but potentially dangerous file format.

Syllabus

SVG: Exploiting Browsers without Image Parsing Bugs


Taught by

Black Hat

Related Courses

Probabilistic Graphical Models 1: Representation
Stanford University via Coursera Computer Security
Stanford University via Coursera Intro to Computer Science
University of Virginia via Udacity Introduction to Logic
Stanford University via Coursera Internet History, Technology, and Security
University of Michigan via Coursera