| Email address | private |
|---|---|
| First Active | 2007-02-24 |
| Last Active | 2011-10-19 |
Whitepaper called DNS Poisoning Via Port Exhaustion. It covers everything from how DNS poisoning works to various methods of performing attacks. It discloses two vulnerabilities. One is in Java which enables remote DNS poisoning using Java applets. The other is in multiuser Windows environments that allows for a local DNS cache poisoning of arbitrary domains.
59aae9b502f6267802e5e03c5acbbc8cc5b2055211508a758f0223c1089883beDolphin Browser HD versions prior to 6.1.0 suffer from a cross applications scripting vulnerability.
fec0542347d11dcaba40a36e576a9a2728f140dc57e324d0e46a4289ce1ef603A 3rd party application may exploit Android's Browser URL loading process in order to inject JavaScript code into an arbitrary domain thus break Android's sandboxing. Versions 2.3.4 and 3.1 have been found vulnerable.
e69e53a920a455ea417e80477c2fab5c49deede7cf7c53b2cbeaf6c9493d8670The Babylon online dictionary and translation software fails to sanitize user input before rendering it on the Trident control, effectively leading to a cross-application scripting vulnerability. The Trident control runs in Local Machine Zone (LMZ) which is not Locked down and due to this the vulnerability can allow for code execution.
521bd04a9d93d3243cb54ea1da35796ea3e0170a38c45bee3986db191b659c09Write up discussing the breaking of Google Gears' cross origin communication model.
42c449424322d157ce506a8ff66a83abe0194f2dc1ba8d911cb1133691c3df2aWhitepaper discussing a serious vulnerability in Google Desktop. The attack is composed of web-application security flaws found in Google Desktop along with exploitation of Google Desktop's tight integration with the Google.com website.
0d0fe93a2dd71d7872267488cb64152eb357a94750078e6b22fbba7faac2a033
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed