Vulnerability Management Solutions: Flock Browser: Javascript Same-Origin Policy Violation (XSS)

Saturday, September 18, 2010

Flock Browser: Javascript Same-Origin Policy Violation (XSS)

Users of Flock Browser please be advised of a Javascript Same-Origin Policy Violation (XSS) vulnerability that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com

FLOCK-SA-2010-04: [FLOCK-SA-2010-04] Flock Browser: Javascript Same-Origin Policy Violation (XSS)

Affected Products: Flock 3 versions prior to 3.0.0.4094

Details:

WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before

r52401, as used in Google Chrome before 4.0.249.78, allows remote

attackers to bypass the Same Origin Policy via vectors involving

the window.open method.
Read more at www.criticalwatch.com

See this Amp at http://bit.ly/94yJcv

Vulnerability Management Solutions

Saturday, September 18, 2010

Flock Browser: Javascript Same-Origin Policy Violation (XSS)

FLOCK-SA-2010-04: [FLOCK-SA-2010-04] Flock Browser: Javascript Same-Origin Policy Violation (XSS)

No comments:

Post a Comment

Followers

Blog Archive

About Me