Register Log In

UGN Security Forums UGN Security: UGN Archives Tech News Norton Internet security vulnrable to code injection

Print Thread

Rate Thread

Norton Internet security vulnrable to code injection #40078 10/29/03 12:02 AM
Joined: Aug 2003 Posts: 240 New Zealand paradox OP Member
OP paradox Member Joined: Aug 2003 Posts: 240 New Zealand	When Norton Internet Security 2003 blocks a web site, it returns a web page to the browser stating that the site has been blocked. This error message contains the URL which was requested. Norton Internet Security 2003 appears to do no validation or encoding of the URL before returning it in the error message. This allows an attacker to supply a URL that contains script. This script will run in the context of the blocked site. We have marked this as a low risk because we believe in most situations, there will be little information of interest since the site is normally blocked (browser cookies from the blocked site probably do not exist, etc). However this does allow sites that are blocked to run script on the victim's machine when it shouldn't be allowed. source: digital pranksters The wise make mistakes, the fools repeat them ---------------------------------------- When you have eliminated the impossible, that which remains, however improbable, must be the truth

Sponsored Links

▼ Sponsored Links ▼ ▲ Sponsored Links ▲

Link Copied to Clipboard

Member Spotlight

Posts: 35
Joined: August 2003

Forum Statistics

Forums41

Topics33,840

Posts68,858

Average Daily Posts0

Members2,176

Most Online3,253
Jan 13th, 2020

Latest Postings

Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM

Animation,
by JohanKaariainen - 08/15/19 01:18 AM

Blackbeard.....
by Gremelin - 10/03/18 07:02 PM

my old account still exists!
by Crime - 08/10/18 02:47 PM

Okay WTF?
by HenryMiring - 09/27/17 01:45 AM

The History Thread...
by Gremelin - 08/11/17 12:11 PM

My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM

I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM

I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM

Doom 3
by Cyrez - 09/11/14 08:58 PM

Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM

AIM scene 99-03
by lavos - 09/02/13 08:06 AM

Planetside 2
by Crime - 03/04/13 07:10 AM

Beta Testers Wanted
by Crime - 03/04/13 06:55 AM

Hello Everyone
by Gremelin - 02/12/12 06:01 PM

Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM

Python 3 issue
by Testing - 12/17/11 09:28 PM

tracfone airtime
by Drache86 - 07/30/11 03:37 AM

Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM

Can home PCs provide a way for viruses and spyware to enter a corporate LAN?
by Gremelin - 06/08/11 05:51 PM

HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM

gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM

Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM

LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM

Assistance Requested in Identifying People who Snitched on Goatse Hacking Group
by diggin2deep - 01/30/11 02:32 AM

Top Posters

UGN Security 41,392

Gremelin 7,203

§intå× 3,255

SilentRage 1,273

Ice 1,146

pergesu 1,136

Infinite 1,041

Girlie 908

unreal 860

Top Likes Received

Ice 1

Powered by UBB.threads™ PHP Forum Software 7.7.5