Showing posts with label antivirus. Show all posts
Showing posts with label antivirus. Show all posts

Friday, March 27, 2009

Fixed again... Good job AVG, ESET

AVG and ESET have fixed their respective XSS vulnerabilities, and it is good !

Full disclosure - We believe in it !

Cheers!
Posted by at No comments:
Labels: , , , , , , , , , ,

Monday, March 9, 2009

XSS in AVG website

#########################################
# Website: http://www.avg.com
# Bug: XSS
# Date: 09.03.09
########################################

Vuln URL: hxxp://www.avg.com

Screenshot

Click here for the demo

The AV vendors have failed to secure their websites, and their saga of web bugs, ranging from sql injection, earlier demonstrated by Romanian hackers, to the XSS bugs we're demonstrating will continue...

Fix input validation in your pages, the page affected is their "license" page...

Cheers :)
Kish
Posted by at No comments:
Labels: , , , , , , , , , ,

Wednesday, March 4, 2009

XSS in ESET website

#########################################
# Website: http://www.eset.com
# Bug: XSS
# Date: 04.03.09
########################################



Vulnerable URL: hxxp://kb.eset.com

Click here for the demo

Fix input validation in the page, antivirus vendors are supposed to be careful, atleast, I thought so !

This is a special advisory, Dedicated to Digi (Crimemachine,Founder), my very good friend, and fellow hacker, who is an ardent supporter of ESET products, the antivirus especially, for the heur et al.

Cheers :)
Kish
Posted by at No comments:
Labels: , , , , , , , , ,
Subscribe to: Posts (Atom)