Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Google XSS InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Google XSS

Published: 2007-11-11
Last Updated: 2007-11-11 23:46:11 UTC
by Marcus Sachs (Version: 1)
1 comment(s)

Juha-Matti reminded us of a new Google cross-site scripting issue related to a recent JAR: protocol vulnerability in Firefox that was reported by Petko D Petkov on Saturday:

http://www.gnucitizen.org/blog/severe-xss-in-google-and-others-due-to-the-jar-protocol-issues

References:

http://www.gnucitizen.org/blog/web-mayhem-firefoxs-jar-protocol-issues

http://www.securityfocus.com/bid/26385

http://secunia.com/advisories/27605/

http://www.kb.cert.org/vuls/id/715737

Marcus H. Sachs
Director, SANS Internet Storm Center

Keywords:
1 comment(s)
Diary Archives