Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.902314 |
Category: | General |
Title: | Flock Browser RSS Feed Cross site scripting Vulnerability |
Summary: | This host is installed with Flock browser and is prone to cross; site scripting vulnerability. |
Description: | Summary: This host is installed with Flock browser and is prone to cross site scripting vulnerability. Vulnerability Insight: The flaw is due to the improper validation of user-supplied input when processing RSS feeds. Vulnerability Impact: Successful exploitation will allow attackers to execute HTML code in the context of the affected browser, bypass the same-origin protection and obtain potentially sensitive information. Affected Software/OS: Flock versions 3.0 to 3.0.0.4113 Solution: Upgrade to the Flock version 3.0.0.4114 CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Cross-Ref: |
BugTraq ID: 43225 Common Vulnerability Exposure (CVE) ID: CVE-2010-3262 http://www.securityfocus.com/bid/43225 Bugtraq: 20100914 [FLOCK-SA-2010-02] Flock Browser: A malicious RSS feed can bypass cross origin protection (XSS) (Google Search) http://www.securityfocus.com/archive/1/513701/100/0/threaded XForce ISS Database: flock-rss-xss(61820) https://exchange.xforce.ibmcloud.com/vulnerabilities/61820 |
Copyright | Copyright (C) 2010 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |