carpet-bombing flaw

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Google downplays Chrome's carpet-bombing flaw

Google downplays Chrome's carpet-bombing flawGreatAnother company that doesn't understand blended threats when it's pointed out to them. Even worse with them responsible for Web 2.0 stuff that's a great set of vectors for attacks.RE: Google downplays Chrome's carpet-bombing flawOh the ignorance at Google never fails to amaze me. They...

Tags: Web browsers, SECURITY, ActiveX/COM/COM+/DCOM, Google Inc., Chrome, Microsoft Internet Explorer 5.01, carpet-bombing flaw, Microsoft Internet, Microsoft Internet Explorer, Microsoft Corp.

Discussion threads 2008-09-16

Google Chrome vulnerable to carpet-bombing flaw

Google Chrome vulnerable to carpet-bombing flawjust proves that no software can ever be without any flawsntmore typical ZDnet FUDChrome prevents access to user folders including the desktop using permissions. R-E-A-S-E-A-R-C-HRE: Google Chrome vulnerable to carpet-bombing flaw"Raff’s code shows how a malicious hacker can use a clever social engineering lure...

Tags: Microsoft Windows, Web browsers, SECURITY, Google Chrome, Google Inc., carpet-bombing flaw, flaw

Discussion threads 2008-09-02

Additional Resources

A look at the recent Firefox 3 vulnerability

True to form, Billy Rios promised a more in depth look at the MSFA2008-35 vulnerability which is another protocol handler flaw in Firefox 3.  As previously reported here, this was another protocol handler flaw that led to arbitrary remote command execution, and is especially dangerous since it can be deployed...

Tags: Mozilla Firefox 3.0, Mozilla Firefox, Apple Safari, Vulnerability, Protocol Handler, Firefox3, Security Decision, Web Browsers, Security, Internet, Nathan McFeters

Blog posts 2008-07-22

2008 Pwnie Award nominees announced

2008 Pwnie Award nominees announcedNot bad butI have to give Lamest Vendor Response to Apple for the Safari carpet bomb flaw.Ok, Nate, so here's a solution to your QuickTime problemDon't run your browser with administrative credentials... yeah, yeah you're going to counter with something that is probably mostly FUD based....

Tags: Digital music, SECURITY, Operating systems, Nate, Pwnie Award

Discussion threads 2008-07-21

2008 Pwnie Award nominees announced

Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on.  From the site: The final list of nominees for the nine Pwnie Award categories is ...

Tags: Attack, Flaw, Lifelock, Nathan McFeters, Nominee, Security, Vulnerability, XSS, XSS Flaw

Blog posts 2008-07-21

Internet Explorer 'feature' causing drive-by malware attacks

Internet Explorer 'feature' causing drive-by malware attacksNo surprise hereEver single vulnerability in IE is due to a built in feature.In fact, IE itself can be considered a "zero day" attack friendly vector. The primary point of failure in IT security.what version?what version?RE: Internet Explorer 'feature' causing drive-by malware attacks[i]taking advantage...

Tags: Web browsers, Spyware, adware & malware, Cyberthreats, SECURITY, Microsoft Internet Explorer, malware, malware attack

Discussion threads 2008-06-27

News to know: Hactivists; XO-2 laptop; HP; Virtualization

Notable headlines: Dancho Danchev: Pro-Serbian hacktivists attacking Albanian web sites Over 1.5 million pages affected by the recent SQL injection attacks DoS Attacks Using SQL Wildcards Revealed Ryan Naraine: Secunia finds 'highly critical' Foxit Reader Flaw Are you wary of...

Tags: Larry Dignan, Hewlett-Packard Co., Virtualization, Network, Microsoft Corp., Twitter, Laptop Computer, One Laptop Per Child Project, Sales Strategy, Ultramobile PCs (UMPCs), Microsoft Windows Vista (Longhorn), Sales Force Management, Sales, Tablets, Hardware, Notebooks & Tablets, Emerging Technologies, Operating Systems, Microsoft Windows, Software

Blog posts 2008-05-21

Apple under pressure to fix Safari 'carpet bomb' flaw

Apple under pressure to fix Safari 'carpet bomb' flawThe problem with this one isIt's too easy. Anyone can read the PoC and figure out how to conduct a full blown attack quite simply. If you fit the pieces together, it's directly attackable.-NateRE: Apple under pressure to fix Safari...

Tags: Apple Inc., Apple Safari, flaw, Microsoft Corp., security

Discussion threads 2008-05-20

Apple under pressure to fix Safari 'carpet bomb' flaw

The Google-backed StopBadware.org coalition has called on Apple to rethink its stance on whether the Safari "carpet bomb" issue reported by Nitesh Dhanjani constitutes a serious security risk. Dhanjani originally discovered than it is possible for a booby-trapped Web site to litter the user's Desktop Windows or...

Tags: Apple Safari, Apple Inc., Flaw, Google-backed StopBadware.org Coalition, Security, Spyware, Adware & Malware, Instant Messaging, Cyberthreats, Internet, Online Communications, Ryan Naraine

Blog posts 2008-05-20

If it's 'live' it's on Linux

A fundamental flaw in Microsoft's new-found commitment to on-demand services (it calls it 'live' software) is that its licensing policies are driving on-demand ISVs to open-source alternatives — what's known as the LAMP platform (Linux, Apache, MySQL, PHP/Perl/Python). Don't take it from me, this is what Sam Ramji of the...

Tags: Microsoft Corp., on-demand

Blog posts 2005-11-04

Cisco hits back at flaw researcher

Cisco hits back at flaw researcher"not yet fully baked"I'm but a java developer but my guesstimate is that the open source code to a command prompt is merely a way for the developers to be able to program a router. That being said, no system is invulnerable or no one...

Tags: Cisco Systems Inc.

Discussion threads 2005-07-28