This HTML5 document contains 44 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

Namespace Prefixes

PrefixIRI
dctermshttp://purl.org/dc/terms/
yago-reshttp://yago-knowledge.org/resource/
dbohttp://dbpedia.org/ontology/
foafhttp://xmlns.com/foaf/0.1/
n18https://global.dbpedia.org/id/
yagohttp://dbpedia.org/class/yago/
dbthttp://dbpedia.org/resource/Template:
rdfshttp://www.w3.org/2000/01/rdf-schema#
freebasehttp://rdf.freebase.com/ns/
rdfhttp://www.w3.org/1999/02/22-rdf-syntax-ns#
owlhttp://www.w3.org/2002/07/owl#
dbpedia-ithttp://it.dbpedia.org/resource/
wikipedia-enhttp://en.wikipedia.org/wiki/
dbchttp://dbpedia.org/resource/Category:
dbphttp://dbpedia.org/property/
provhttp://www.w3.org/ns/prov#
xsdhhttp://www.w3.org/2001/XMLSchema#
wikidatahttp://www.wikidata.org/entity/
goldhttp://purl.org/linguistics/gold/
dbrhttp://dbpedia.org/resource/

Statements

Subject Item
dbr:Uncontrolled_format_string
dbo:wikiPageWikiLink
dbr:Cross-application_scripting
Subject Item
dbr:Cross-application_scripting
rdf:type
yago:Action100037396 yago:YagoPermanentlyLocatedEntity yago:Feat100036762 yago:Event100029378 dbo:Software yago:Abstraction100002137 yago:Accomplishment100035189 yago:WikicatComputerSecurityExploits yago:Act100030358 yago:PsychologicalFeature100023100
rdfs:label
Cross-application scripting Cross Application Scripting
rdfs:comment
Il Cross Application scripting (CAS) è una vulnerabilità che affligge applicazioni desktop che impiegano un insufficiente controllo dell'input. Un CAS permette ad un attaccante di inserire codice al fine di modificare il contenuto di una applicazione desktop utilizzata. In questo modo si potranno sottrarre dati sensibili presenti nel sistema degli utenti. Gli attacchi alle vulnerabilità CAS hanno effetti dirompenti perché possono implicare la completa compromissione dei target indipendentemente da sistemi operativi e piattaforme. Cross-application scripting (CAS) is a vulnerability affecting desktop applications that don't check input in an exhaustive way. CAS allows an attacker to insert data that modifies the behaviour of a particular desktop application. This makes it possible to extract data from inside of the users' systems. Attackers may gain the full privileges of the attacked application when exploiting CAS vulnerabilities; the attack is to some degree independent of the underlying operating system and hardware architecture.
dcterms:subject
dbc:Computer_security_exploits
dbo:wikiPageID
26617244
dbo:wikiPageRevisionID
1059526086
dbo:wikiPageWikiLink
dbr:GTK+ dbr:Clickjacking dbr:Qt_(framework) dbr:Format_string_attack dbr:Milan dbr:Cross-site_scripting dbc:Computer_security_exploits dbr:Software_widget dbr:Phishing dbr:Cross-site_request_forgery
owl:sameAs
wikidata:Q3698651 freebase:m.0bh9m0m yago-res:Cross-application_scripting dbpedia-it:Cross_Application_Scripting n18:3QkeF
dbp:wikiPageUsesTemplate
dbt:More_citations_needed dbt:Reflist
dbo:abstract
Il Cross Application scripting (CAS) è una vulnerabilità che affligge applicazioni desktop che impiegano un insufficiente controllo dell'input. Un CAS permette ad un attaccante di inserire codice al fine di modificare il contenuto di una applicazione desktop utilizzata. In questo modo si potranno sottrarre dati sensibili presenti nel sistema degli utenti. Gli attacchi alle vulnerabilità CAS hanno effetti dirompenti perché possono implicare la completa compromissione dei target indipendentemente da sistemi operativi e piattaforme. Scoperta inizialmente da Emanuele Gentili e presentata insieme ad altri due ricercatori, che hanno partecipato allo studio della tecnica e alle sue applicazioni, Emanuele Acri ed Alessandro Scoscia durante il Security Summit 2010 di Milano, questa nuova categoria di attacco è risultata vincente su prodotti di note software house commerciali ed open source. Cross-application scripting (CAS) is a vulnerability affecting desktop applications that don't check input in an exhaustive way. CAS allows an attacker to insert data that modifies the behaviour of a particular desktop application. This makes it possible to extract data from inside of the users' systems. Attackers may gain the full privileges of the attacked application when exploiting CAS vulnerabilities; the attack is to some degree independent of the underlying operating system and hardware architecture. Initially discovered by Emanuele Gentili and presented with two other researchers (Alessandro Scoscia and Emanuele Acri) that had participated in the study of the technique and its implications, it was presented for the first time during the Security Summit 2010 in Milan. The format string attack is very similar in concept to this attack and CAS could be considered as a generalization of this attack method. Some aspects of this technique have been previously demonstrated in clickjacking techniques.
gold:hypernym
dbr:Vulnerability
prov:wasDerivedFrom
wikipedia-en:Cross-application_scripting?oldid=1059526086&ns=0
dbo:wikiPageLength
3436
foaf:isPrimaryTopicOf
wikipedia-en:Cross-application_scripting
Subject Item
dbr:Cross_Application_Scripting
dbo:wikiPageWikiLink
dbr:Cross-application_scripting
dbo:wikiPageRedirects
dbr:Cross-application_scripting
Subject Item
wikipedia-en:Cross-application_scripting
foaf:primaryTopic
dbr:Cross-application_scripting