Re: Exploiting the Google toolbar (GM#001-MC)
From: GreyMagic Software (security@GREYMAGIC.COM)Date: 08/20/02
- Previous message: Johan Persson: "Re: Insufficient Verification of Client Certificates in IIS 5.0 pre sp3"
- Maybe in reply to: GreyMagic Software: "Exploiting the Google toolbar (GM#001-MC)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 20 Aug 2002 01:20:41 +0200 From: GreyMagic Software <security@GREYMAGIC.COM> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
It has been brought to our attention that the first problem we disclosed in
our Google advisory ("Tap [eavesdrop] to key presses in the toolbar's search
box") also affects the following toolbars:
Alexa v6.5.11775 from
http://pages.alexa.com/prod_serv/quicktour.html?p=TBMenu_W_t_40_L1
Ask Jeeves dated 18-Jul-2002 from
http://sp.ask.com/docs/toolbar/helpindex.html
We would like to thank John Davis for letting us know of these problems.
You can read about the vulnerability in detail at
http://sec.greymagic.com/adv/gm001-mc/ and you can also test the toolbars
above (or any other toolbar) using the first demonstration in that URL.
- Previous message: Johan Persson: "Re: Insufficient Verification of Client Certificates in IIS 5.0 pre sp3"
- Maybe in reply to: GreyMagic Software: "Exploiting the Google toolbar (GM#001-MC)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
