JavaScriptSearch
Wednesday, January 3, 2007; 07:43 AM
The Imperva Application Defense Center today announced the discovery of a critical vulnerability in DWR (Direct Web Reporting), a key underlying technology in the AJAX (Asynchronous JavaScript and XML) web application development framework. This client-side vulnerability can be exploited to launch Denial of Service (DoS) attacks and break into back-end servers and databases. AJAX is emerging as the new lingua franc for building new generation Web 2.0 applications such as Google Maps. Since AJAX executes a much larger proportion of application logic in the web browser than traditional web applications, it exposes a broader attack surface to client-side exploits used by attackers to target sensitive back-end servers directly. The ADC has published a free security advisory that details the DWR vulnerability and how to mitigate attacks. Amichai Shulman, head of the ADC, is available to discuss this vulnerability as well as AJAX/Web 2.0 security issues.
Imperva is a global leader in data security and compliance solutions for the data center. The company’s SecureSphere database and web application appliances are deployed in leading financial, retail, telecommunications, healthcare, and government organizations around the globe. Founded over four years ago, Imperva is a solid, privately held company with growing revenues and backing from Accel Partners, Greylock Partners, US Venture Partners, and Venrock Associates. For more information, visit www.imperva.com.
|
NEWS BY MONTH
EDITOR'S DESK
SUBMIT NEWS
