Prominent Security Sites Contain XSS Vulnerabilities
According to XSSed, an online security watchdog, on June 9, 2008, the Websites belong to the three most reputed companies of the security industry have security bugs, which on exploitation could aid in unleashing scams against consumers.
XSSed confirmed 30 XSS (cross-site scripting) vulnerabilities in the Symantec, VeriSign and McAfee Websites that could be exploited to insert malware or to launch scams on the computers accessing those sites. The flaws could also allow attackers to distribute malicious programs to the firms' customers.
Moreover, online attackers are now increasingly hosting malware on legitimate sites, a technique that makes sites distributing t...
» SPAMfighter News - 27-06-2008