11/12/2009

Firefox most vulnerable browser, Safari close second

Filed under: — By Aviran Mordo @ 5:58 am

Cenzic released its report revealing the most prominent types of Web application vulnerabilities for the first half of 2009. The report details the steady rise of attacks targeting these exploits ultimately costing the U.S. a substantial amount of money in both IT damage and identity theft.

Specifically, the report identified over 3,100 total vulnerabilities, which is a 10 percent increase in Web application vulnerabilities compared to the second half of 2008. Cenzic analyzed all reported vulnerability information from sources including NIST, MITRE, SANS, US-CERT, OSVDB, OWASP, as well as other third party databases for Web application security issues reported during the first half of 2009.

Popular vendors including Sun, IBM, and Apache continue to be among the top 10 most vulnerable Web applications named. The most common published exploits on commercial applications were SQL Injection and Cross Site Scripting (XSS) vulnerabilities, which account for 25 percent and 17 percent of all Web attacks, respectively:

Among Web browsers, Mozilla Firefox had the largest percentage of Web vulnerabilities, followed by Apple Safari, whose browser showed a vast increase in exploits, due to vulnerabilities reported in the Safari iPhone browser:

 

One Response to “Firefox most vulnerable browser, Safari close second”

  1. fring Says:

    Well, what man(or woman) builds, another can take apart. It’s not the vulnerabilities that should worry folks - that’s just a fact of life, it’s the exploits that do the damage.
    Now that’s a different story…

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress