Archive | security

Flash Cross-site scripting attack

Eyes on security has released a warning about Cross-site scripting attacks made possible on sites that allow uploadable files – Bypassing JavaScript Filters – the Flash way Basically, if you have a forum or pages where you allow users to upload files, the user will still be able to execute JavaScript through the SWF file, […]

Continue Reading

Opera not so safe after all

Opera is a browser that I have often mentioned whenever vulnerabilities in Internet Explorer has been published (which happens a lot more often than I comment on it, but thats a digression). But all was not good in the paradise of the Opera browser I found out today. The Register writes: vulnerability in Opera 6.01 […]

Continue Reading

ActiveX flaw exposes Flash users to hacks

Via Flazoom: ActiveX flaw exposes Flash users to hacks ZDNet writes about a buffer overflow vulnerability in the previous version of the Flash 6 player (revision 23), the overflow allows for attacks via some HTML e-mail clients and when visiting malicious web sites. The problem only exist for Internet Explorer on the Windows platform. If […]

Continue Reading

More security problems found in IE

If you are using Internet Explorer as your browser, using the back button could expose you to malicious code. Microsofts reaction? «because the proposed exploit scenario is dependent upon specific user interaction as a prerequisite, it does not meet our definition of a security vulnerability.» Another Big MS Browser Hole Found The security fix? Switch […]

Continue Reading