24. W3C "I don't think it's ready for production yet," especially since W3C still will make some changes on APIs, said Le Hegaret. "The real problem is can we make HTML5 work across browsers and at the moment, that is not the case." [6th October 2010]
25. Application Delivery The Web at present Authentication Statefulness Data Typing Non-mutable HTTP HTML AJAX Flash Sandbox HTML5 Anti-XSS WAF Silverlight Web sockets MIND THE GAP
Talk about the BROWSER WARS. The race is on for the fastest JS interpreter. IE vs FF, Chrome vs Safari, Chrome offering an IE-plugin (Frankenchrome), IE calling the Chrome plugin insecure, Steve Jobs trashing Flash, Chrome making Flash an integral part of the browser, and the list goes on...
Slew of recent Java vulnerabilities. Latest one being the command exec vuln with JavaWebStart. Quicktime, VLC and other plugins keep getting exploited regularly. So do toolbars.
Flash Sprays
URL Shorteners, can host an entire exploit.
800+ Javascript events, Video, and more
JNLP IE8 exploit on Win7Adobe Cooltype exploit on Win7IE8CSS exploit on Win7