YoVDO

SVG - Exploiting Browsers without Image Parsing Bugs

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Computer Science Courses Web Development Courses Javascript Courses XML Courses Browser Exploitation Courses

Course Description

Overview

Explore the security implications of SVG in web browsers through this 24-minute Black Hat conference talk. Delve into the lesser-known aspects of SVG, including its ability to contain JavaScript and import external scripts and stylesheets. Understand why treating SVG like a simple image format such as JPEG can lead to significant security vulnerabilities. Learn how SVG's XML-based format for vector graphics, combined with its support for CSS styling and JavaScript manipulation, necessitates treating it with the same security considerations as HTML. Gain insights from speaker Rennie deGraaf on the potential risks and exploits associated with SVG in modern web browsers, and discover why proper security measures are crucial when handling this versatile but potentially dangerous file format.

Syllabus

SVG: Exploiting Browsers without Image Parsing Bugs


Taught by

Black Hat

Related Courses

Programming Languages
University of Virginia via Udacity Building a Basic Website
University of Massachusetts Amherst via Independent iDESWEB, Introducción al desarrollo web
Miríadax Web Engineering II: Developing Mobile HTML5 Apps
Technische Hochschule Mittelhessen via iversity Web Application Architectures
University of New Mexico via Coursera