SecurityRatty: tag: javascript

Malicious Javascript Code In Another CNET Networks Website

2008-08-08 10:14:02 by CyberInsecure in CyberInsecure.com

Websense has discovered that another CNET Networks site, CNET Clientside Developer Blog, has been compromised, just 5 months after previous incident. The main page of this website contains malicious JavaScript code that de-obfuscates into an iframe that loads its primary malicious payload from a different host. This malicious JavaScript code...

Tags: malicious javascript code, cnet networks site, primary malicious payload, website, previous incident, main page, websense, access, loads

Adobe Reader/Acrobat JavaScript Method Handling Vuln

2008-06-24 10:48:40 by Dave Lewis in Liquidmatrix Security Digest

...JavaScript method and can be exploited to cause a crash or potentially execute arbitrary code via a specially crafted PDF file NOTE: The vulnerability is reportedly being exploited in the wild Note the note. This one is getting pwned as we speak Article Link

Tags: adobe, javascript method, execute arbitrary code, vulnerability, note, adobe readeracrobat, malicious people, article link, remote access

Researcher slams Adobe for 'epidemic' of JavaScript bugs

2008-06-24 13:00:00 by Editor in Computerworld Security News

Adobe Systems has patched its free Reader and commercial Acrobat software to fix the latest in what one researcher called an "epidemic" of JavaScript vulnerabilities in the popular apps

Tags: commercial acrobat software, popular apps, free reader, javascript vulnerabilities, researcher, epidemic, adobe systems, fix

Automating web application security testing

2007-07-16 11:40:00 by Panayiotis Mavrommatis in Google Online Security Blog

...JavaScript, HTTP response headers, etc The following are some (by no means complete) examples of XSS vulnerabilities. Let's assume there is a web application that accepts user input as the 'q' parameter. Untrusted data coming from the attacker is marked in red Injection in regular HTML body - angled brackets not filtered or escaped Your...

Tags: web application, application, input, input parameters, accepts user input, xss, xss vulnerabilities, security, security team check

Massive RealPlayer Exploit Embedded Attack

2008-01-07 18:58:52 by HASH0x89c7e1c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...javascript obfuscations, multiple IFRAME redirectors to and from internal pages, and scripts within the domains. Let's assess those that are still active n.uc8010.com/0.js returns " ok ^ ^ " message and loads c.uc8010.com/ip/Cip.aspx (61.188.39.218) which says " Hello ", furthermore, c.uc8010.com/0/w.js loads c.uc8010.com/1.htm ;...

Tags: exploit, realplayer exploit, uc8010 domain, domain, uc8010, exact exploit, attack uc8010, malware, malware exploitation kits

The United Nations Serving Malware

2008-04-23 10:13:00 by HASH0x8b31c98 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...JavaScript loads a file named 1.js which is ho sted on http://www.nihao[removed].com The JavaScript code then redirects the user to 1.htm (also hosted on the same server). Once loaded, the file attempts 8 different exploits (the attack last April utilised 12). The exploits target Microsoft applications, specifically browsers not patched...

Tags: malware, attack, malware attack, anti-malware vendor, media malware gang, htm, nihaorr1, load nihaorr1, attack tactic

Cached Malware Embedded Sites

2007-12-16 18:18:26 by HASH0x8a09e44 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...javascript/IFRAME before it got removed Here's an example of how useful cached malware sites are for research purposes. Back in September, the U.S Consulate in St.Petersburg was serving malware , and the embedded malware link was removed sooner than I could obtain a copy of the infected page. Best of all - there were still cached copies...

Tags: sites, sites wrongly, web sites, malware, malicious site, site, single site offers, sites notification services, popular sites

Moto Q9 DoS and Fingerprinting

2008-01-12 18:10:21 by RSnake in ha.ckers.org web application security lab

...JavaScript. But then I realized, I had never tested it with JavaScript turned on. Thats when I went to Mr. T . What did Mr. T do to the Moto Q9 (which is running Opera, by the way)? It crashed it immediately So then I start messing around with it, and I narrow it down to one of the things thats more legacy than anything, the now fixed, MS...

Tags: accept language, accept, devcap, devcap charset, devcap numsoftkeys, accept charset, devcap screenpixels, cell phone hacker, phone

U.K's FETA Serving Malware

2008-02-12 09:13:31 by HASH0x8b1c460 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...Javascript hack created using the Neosploit Crimeware Toolkit, dishing out payloads including, the blog reports, porn pop-ups The deobfuscated javascript attempts to load the currently live 88.255.90.130/cgi-bin/in.cgi?p=admin (MDAC ActiveX code execution (CVE-2006-0003), also responding to Silentwork.ws and Tide.ws which is deceptively...

Tags: malware, domains, malware domains, malware attacks, attacks, malware campaigners, serve malware, high-profile malware, serve

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo