BitDefender Internet Security 2009 suffers from a cross site scripting vulnerability.
cbc5a5ad08caad0126f74533bccd87cddb09e4964c446d6f9c7869926c30f560
Application: BitDefender Internet Security 2009
OS: Windows Xp (All patches a day)
------------------------------------------------------
1 - Description
2 - Vulnerability
3 - POC/EXPLOIT
------------------------------------------------------
Description
BitDefender Internet Security is a security software
that includes multiples protections, for example (anti spam, anti spyware,etc).
------------------------------------------------------
Vulnerability
The vulnerability is caused because when you scans a file,
the antivirus used a flash for display the name of file,
with this you can make a malformed rar or zip that containing a script.
and when the av scans the file, run the script.
------------------------------------------------------
POC/EXPLOIT
The poc is the video because for make the poc you need a virus file.
the xss is this
<h1 id="header" onmousemove="alert(1)" test </h1>
http://video.google.com/videoplay?docid=-8346357281340486654
------------------------------------------------------
Juan Pablo Lopez Yacubian
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed