>ok, but want do you want to do with a stolen session on symantec ? get
>free AV ?
Are you really known that it can be used only for stolen session?
XSS may use for fishing, farming, XSS proxy and other..
Can we trust security company, which can not protect your corporate Web site?
__
>>Hi All!
>>
>>This time XSS vulnerability at Netcraft. Hope this company will act a bit
>>sooner than others.
>>
>>
>>
>>Example of vulnerability is as usually in my blog at
>>http://www.securitylab.ru/blog/tecklord/?category=19
Ironically, Netcraft provides security services and takes money fo
Hi!
>From Russia Security Site:
http://www.securitylab.ru/news/270837.php
New worked XSS on paypal.com:
www.paypal.com/cgi-bin/webscr?cmd=p/gen/-->alert('www.securitylab.ru')
really work :)
___
Full-Disclosure - We believe in it.
Charter: http://lists.
[ADVISORY] - x Thu Mar 16 13:44:47 EST 2006 x - Integer Overflow in VMware
8D~~
o/ å DESCRIPTION
8D~~
VMware incorrectly parses integer data, and this can be used to execute
arb