Dear Customer,

The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 2
Low Risk Vulnerabilities 0

Well my os is not patched and it wont be lol and ireally dont mind a java bug in my browser anyways. :rtfm: ! dam* vlk.

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0


using sygate as a firewall.

Dear Customer,

The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 2
Low Risk Vulnerabilities 0


Medium Risk Vulnerabilities

Microsoft Internet Explorer file:javascript: Cross Domain Scripting Vulnerability (ldy20030910-01)

Description


This bug allows a web site to read the contents of any file on your computer. The web site has to know the exact path and name of the file. A malicious website may also be able to exploit this vulnerability to delete mail from your webmail account or to spoof trusted websites.

Technical Details
It is possible to inject JavaScript code into Search bar and Media bar in Internet Explorer using "file:javascript:.." URL. The code will be execurted in the domain context of the document that was loaded in the bar.

A malicious web site can first open a document from any domain in Search bar and then execute JavaScript code getting access to the document.

There is a technique that allows injecting JavaScript code into Local Computer zone using this vulnerability. This allows a malicious web site to get access to local files and even execute arbitrary code. See "Additional Information" for details.

not very good protection...

must improve security... :ph34r:

***EDIT:

hahaha
security improved, just toggled java, activeX and scripts..