BetaONE will rise again!
FAQ Members List Calendar Search Today's Posts Mark Forums Read
   


Reply
 
Thread Tools Display Modes
  #1  
Old 30th Sep 03, 01:48 AM
twista twista is offline
New Member
  
Join Date: Sep 2003
Posts: 2
twista
Dear Customer,

The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 2
Low Risk Vulnerabilities 0

Well my os is not patched and it wont be lol and ireally dont mind a java bug in my browser anyways. ! dam* vlk.
Reply With Quote
  #2  
Old 30th Sep 03, 02:15 AM
adams adams is offline
Super Moderator
  
Join Date: Jul 2001
Posts: 1,124
adams is an unknown quantity at this point
High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 0
Low Risk Vulnerabilities 0


using sygate as a firewall.
__________________
Camera Equipment:
Canon 40D & Digital Rebel XT
Canon 500mm L IS USM
Canon 100-400mm L IS USM
kit lens
Sigma 70-300mm APO DG
Canon 430 EX Speedlight
Dynatran Tripod
Lowepro Mini Trekker AW backpack
Reply With Quote
  #3  
Old 30th Sep 03, 03:14 AM
Alpine's Avatar
Alpine Alpine is offline
Retired Crew
  
Join Date: Feb 2002
Location: Run Forest, RUN!!
Posts: 3,601
Alpine is on a distinguished road
Send a message via ICQ to Alpine Send a message via AIM to Alpine
Dear Customer,

The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0
Medium Risk Vulnerabilities 2
Low Risk Vulnerabilities 0


Medium Risk Vulnerabilities

Microsoft Internet Explorer file:javascript: Cross Domain Scripting Vulnerability (ldy20030910-01)

Description


This bug allows a web site to read the contents of any file on your computer. The web site has to know the exact path and name of the file. A malicious website may also be able to exploit this vulnerability to delete mail from your webmail account or to spoof trusted websites.

Technical Details
It is possible to inject JavaScript code into Search bar and Media bar in Internet Explorer using "file:javascript:.." URL. The code will be execurted in the domain context of the document that was loaded in the bar.

A malicious web site can first open a document from any domain in Search bar and then execute JavaScript code getting access to the document.

There is a technique that allows injecting JavaScript code into Local Computer zone using this vulnerability. This allows a malicious web site to get access to local files and even execute arbitrary code. See "Additional Information" for details.
Reply With Quote
  #4  
Old 30th Sep 03, 11:59 AM
marcovaleriof's Avatar
marcovaleriof marcovaleriof is offline
Senior Member
  
Join Date: Sep 2001
Location: Italy
Posts: 114
marcovaleriof
Send a message via ICQ to marcovaleriof Send a message via MSN to marcovaleriof
not very good protection...

Code:
The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 2 
Medium Risk Vulnerabilities 5 
Low Risk Vulnerabilities 0
must improve security... h34r:" class="inlineimg" />

***EDIT:

hahaha
security improved, just toggled java, activeX and scripts..

Code:
The Browser Security Test is finished. Please find the results below:

High Risk Vulnerabilities 0 
Medium Risk Vulnerabilities 0 
Low Risk Vulnerabilities 0
Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Centrino trashes Itanium in brain measurement test Alpine BetaONE News 0 2nd Nov 04 04:03 AM
Testing Attachments ~*McoreD*~ Testing, Testing... 20 25th Oct 04 02:38 AM
Asus A7V and sdram psilocybe Hardware Support 10 20th Oct 01 12:25 PM


All times are GMT +1. The time now is 12:40 PM.
BetaONE - Archive - Top

Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.