martes, 24 de marzo de 2009

IncrediMail Xe (latest version) XSS Vulnerability

#!/usr/bin/perl -w

# IncrediMail Xe (latest version) XSS Vulnerability
#
# Discovered by : Bui Quang Minh
#
# Description : The most of popular Mail Client now exclude Script Code for mail content.
# It aims to avoid the type of XSS exploitation (For e.g: stolen cookie).
# IncrediMail also remove Script Code when the user read mail.
# However, I found the "Reply" and "Forward" function of the mail client
# has not handled mail content well resulting in XSS vulnerability.

Más detalles: http://www.milw0rm.com/exploits/8284
Se produjo un error en este gadget.

Etiquetas

INTERNET (457) newsweek (305) SEGURIDAD (225) software (136) HACK (86) Hacker (46) GOOGLE (44) Geek (41) hardware (36) WINDOWS (34) Hackers (31) CRACK (29) video (28) DESCARGA (27) facebook (27) videos (26) Celulares (25) MICROSOFT (22) Informatica (21) apple (19) GRATIS (18) technology (18) virus (18) exploit (17) computación (16) informatico (16) web (15) cracker (14) INALAMBRICO (13) WINDOWS 7 (13) noticias (11) MSN (10) termino (10) ACTUALIZACION (9) Gamer (9) LapTops (9) Mac (9) PASSWORD (9) WINDOWS XP (9) dns (9) firefox (9) juegos (9) FOTOS (8) cientifico (8) iphone (8) WEP (7) antivirus (7) bibliografia (7) Desencriptar (6) INFINITUM (6) wifi (6) youtube (6) Craker (5) Culiacan (5) DESMOSTRACION (5) TELEFONIA (5) messenger (5) DIRECTA (4) DOWNLOAD (4) ESPAÑOL (4) XBOX (4) gmail (4) xss (4) Glosario (3) HTML (3) WPA (3) anuncios (3) hosting (3) hotmail (3) Guru (2) ajax (2) ataques (2) wpa2 (2)