lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <a9bd0b751002040103n54475bf2w47d8246332462931@mail.gmail.com>
Date: Thu, 4 Feb 2010 14:33:24 +0530
From: rockey killer <skg102@...il.com>
To: h4ck3r_in@...glegroups.com, null-co-in@...glegroups.com, 
	sec-adv@...unia.com, full-disclosure@...ts.grok.org.uk
Subject: Malicious Code Execution Vulnerability In the URL
	Of crowdstar (Facebook Application Devloper)

About Crowdstar <http://www.crowdstar.com>

The coolest social gaming company that provides games for social networking
sites as like in  facebook.com . There are applications on the facebook
which are bieng devloped by crowdstar.

Vulnerability

Malicious code execution in the URL and redirection in the URL , which can
be further utilised to comromise accounts of users of facebook.

Vulnerability Reported on

Wed, Jan 20, 2010 at 12:37 AM

Vulnerability was fixed on

Wed, Jan 20, 2010 at 1:24 AM

Vulnerability was fixed by

Suren Markosian  (Technical Member of Crowdstar)

Credits

This Vulnerability was discovered and reported by H4CK3R Crew<http://h4ck3r.in/>

-- 

Rockey Killer

It's all about Hacking and Security

http://h4ck3r.in/

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ