On CHOW: Perfect MARGARITA recipe

Search:
Go!


advertisement
Content from CNET tagged with

XSS

1 | 2

News Stories

Showing 1-20 of 21 results found

Gmail cookie vulnerability exposes user's privacy

September 27, 2007 Program developed by "ethical hacking" group takes advantage of cross-site scripting vulnerability to steal contacts, forward e-mail. TAGS: XSS, Gmail, cookie, vulnerability, organization, Google Inc., attacker, hacking, security, password, e-mail

Symantec warns of router compromise

January 24, 2008 Security company says it has seen an attack using a cross-site scripting flaw in 2Wire DNS routers. TAGS: 2Wire, e-card, router, Symantec Corp., XSS, DNS, HTTP, domain name, IP address, attack, IP, security

Samy opens new front in worm war

October 17, 2005 Security experts fear would-be attackers will copy the worm, which exploits an unaddressed scripting flaw. TAGS: XSS, Trend Micro Inc., worm, MySpace, denial of service, profile, front, technique, Web browser, security, attack, e-mail

Google plugs account hijack holes

January 16, 2007 If left unpatched, the vulnerability could let hackers modify third-party documents and view e-mail subjects, search history. TAGS: XSS, Google Inc., vulnerability, cookie, hacker, security, e-mail

Opera fixes browser flaws

June 17, 2005 Several security holes, including ones that could be used in spoofing attacks, are plugged in browser update, company says. TAGS: Opera Software, XSS, Web browser, security

Yahoo fixes Web mail security flaw

October 22, 2005 The flaw, now fixed, opened the door to phishing scams, account hijacks and other attacks, but Yahoo said no user attacks were reported. TAGS: XSS, Yahoo! Inc., security flaw, flaw, phishing, security

A phishing wolf in sheep's clothing

March 14, 2005 Scammers are increasingly injecting their own code into legitimate Web page URLs--a threat that could spell trouble for online banks. TAGS: XSS, phishing, bank, criminal, target, attack, server, e-mail

Acrobat flaw could spawn Web attacks

January 4, 2007 Vulnerability in ubiquitous Acrobat Reader software could be a boon for cybercrooks and spark a rise in Web-based attacks, experts warn. TAGS: XSS, iDefense, Adobe Acrobat Reader, Adobe Acrobat, Adobe Systems Inc., VeriSign Inc., Symantec Corp., attack, Adobe PDF, link, flaw, security, Web browser

Google fixes Web site security bug

October 10, 2005 Vulnerability could have exposed some users to account hijacks, phishing scams and other attacks, security firm says. TAGS: Finjan Software Inc., XSS, Google Inc., phishing, attacker, flaw, Gmail, bug, security, attack, Microsoft Corp., e-mail

New flaws reported in IE 6

November 29, 2003 Newly discovered security flaws in Microsoft's Internet Explorer could let attackers invade a user's PC, but a fix is not yet available. TAGS: Microsoft Internet Explorer 6, XSS, flaw, attacker, Microsoft Internet Explorer, fix, security, PC, Web browser, Microsoft Corp.

Firefox, IE vulnerable to fake login pages?

November 22, 2006 Flaw could enable attackers to compromise usernames and passwords, security researcher warns, citing exploit on MySpace. TAGS: XSS, username, Firefox, MySpace, exploit, Firefox 2.0, attacker, Mozilla Corp., flaw, Microsoft Internet Explorer, password, attack, Web browser, security, blog, Microsoft Corp.

Serious flaw in Google Desktop gets fix

February 21, 2007 Google plugs security holes in popular desktop search software that could open up data on a PC to intruders. TAGS: Watchfire, Google Desktop, XSS, Google Inc., vulnerability, flaw, security company, link, security, attack, PC

Mozilla issues security updates

December 20, 2006 "Critical" updates cover flaws in Firefox, Thunderbird and SeaMonkey that could allow for cross-site scripting and remote execution of code. TAGS: Mozilla Thunderbird, Mozilla Corp., security update, XSS, Firefox, flaw, security

Google plugs 'obscure' phishing holes

December 21, 2005 Web site security flaws could have enabled phishing scams, account hijacks and other attacks. TAGS: Watchfire, XSS, phishing, Google Inc., flaw, Gmail, attacker, security company, security, attack, Microsoft Corp., e-mail

The security risk in Web 2.0

July 28, 2006 Security has become a no-brainer for desktop software, but the same doesn't hold true for the booming world of Web applications. TAGS: AJAX, XSS, Web 2.0, Web application, expert, desktop software, house, MySpace, Time Warner Inc., JavaScript, security, programming, attack, Yahoo! Inc., Google Inc.

MSN flaw put Hotmail accounts at risk

June 7, 2005 Microsoft takes part of its MSN site offline after learning of a flaw that could be used to gain access to the free e-mail service. TAGS: MSN Hotmail, MSN, XSS, flaw, MSN Messenger, Microsoft Corp., security, e-mail

JavaScript bug-hunting tool demonstrated

March 24, 2007 Security researcher says his company won't let him release Jikto, which turns PCs of unknowing Web surfers into crawlers. TAGS: SPI Dynamics, JavaScript, XSS, Web security, vulnerability, researcher, security, Web browser, PC

Microsoft plugs hole in Exchange

August 10, 2004 The patch fixes a flaw in the e-mail server software that could be used to get access to in-boxes and information. TAGS: Microsoft Exchange 5.5 Server, Microsoft Outlook Web Access, Stephen Toulouse, XSS, flaw, vulnerability, Service Pack 2, security, Microsoft Corp., server, e-mail, PC, Microsoft Windows

Phishing--who's taking the bait now?

November 23, 2004 Kavado CEO Vikram Desai says blended phishing is likely to sucker more users into divulging valuable information. TAGS: phishing, victim, XSS, e-business, link, bank, technique, Web browser, e-mail

Tool turns unsuspecting surfers into hacking help

March 21, 2007 With Jikto, JavaScript on a Web site can turn PCs into a bug-hunting tool, thus doing a hacker's dirty work. TAGS: Web security, JavaScript, SQL injection, attacker, hacker, XSS, hacking, creator, vulnerability, bot, flaw, SQL, Web application, researcher, Web browser, security
1 | 2
Sponsored matches for "XSS"


© 2008 CNET Networks, Inc., a CBS Company. All rights reserved. | Privacy Policy | Terms of Use