面对日益复杂的网络应用,浏览器软件的功能变得越发复杂。浏览器软件额外的功能辅助了用户的使用,方便了用户的操作,但受制于软件开发者的安全认识水平,这些额外的功能也将新型的安全漏洞引入到了浏览器软件当中。新型的安全漏洞不同于以往的安全漏洞类型,其具有很强的隐蔽性,需要结合特定的功能才能得以实现。文章结合具体漏洞挖掘案例,给出了如何发现浏览器软件新型安全漏洞的方法。% Will face increasingly complex web applications, web browser software function become more complex. Browser software additional auxiliary function for the user to use, convenient for users to operate, but is restricted to the software developer's safety awareness level, these additional features will also be new security holes into the browser software. New security holes is different from the previous security vulnerabilities, and has strong concealment, requires a combination of specific functions can be achieved. In this paper, combined with specific vulnerabilities mining case, given how to find browser software new methodological flaw.
展开▼