Full Disclosure: Re: Airscanner Mobile Security Advisory #07101401: Mobile-spy Victim/User Phone/SMS/URL Log Spoofing and Persistent XSS Injection

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Airscanner Mobile Security Advisory #07101401: Mobile-spy Victim/User Phone/SMS/URL Log Spoofing and Persistent XSS Injection

From: reepex <reepex () gmail com>
Date: Tue, 23 Oct 2007 13:22:36 -0500

On 10/23/07, Seth Fogie <seth () airscanner com> wrote:


* Risk Level:*
High - Spoofed log records / Injected JavaScript can lead to malware
attacks

Risk level high and javascript do not belong together

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Airscanner Mobile Security Advisory #07101401: Mobile-spy Victim/User Phone/SMS/URL Log Spoofing and Persistent XSS Injection Seth Fogie (Oct 23)
- Re: Airscanner Mobile Security Advisory #07101401: Mobile-spy Victim/User Phone/SMS/URL Log Spoofing and Persistent XSS Injection reepex (Oct 23)