| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1140672583.25732.117.camel@Stargate.iatechconsulting.com> Date: Thu Feb 23 05:25:39 2006 From: nodialtone at comcast.net (nodialtone) Subject: Reported Google Vuln Google funzies. [Snip] I. DESCRIPTION Google Reader (http://www.google.com/reader/) helps organise the contents of those rss or atom feeds for which the user is interested in or subscribed to. The user instead of continuously checking his/her favorite sites or discussion groups for updates, (s)he can let Google Reader do it for them. >From news sites to your friends' blogs, Google Reader helps stay up-to-date with all the online information that matters most to the user. II. VULNERABILITY DETAILS Google reader is supposed to display only those contents which the user has subscribed to however two vulnerabilities has been identified which may allow an attacker to entice it's victim (using google reader service) to view unwanted web contents carrying malicious payloads. [snip] Reference: http://seclists.org/lists/fulldisclosure/2006/Feb/0553.html -- -nodialtone http://www.iatechconsultng.com
Powered by blists - more mailing lists