Lucene search
MitreCVELIST:CVE-2007-1085HistoryFeb 23, 2007 - 1:00 a.m.
CVE-2007-1085
2007-02-2301:00:00
mitre
www.cve.org
1
Cross-site scripting (XSS) vulnerability in Google Desktop allows remote attackers to bypass protection schemes and inject arbitrary web script or HTML, and possibly gain full access to the system, by using an XSS vulnerability in google.com to extract the signature for the internal web server, then calling the “under” parameter in Advanced Search with the proper signature.
References
osvdb.org/33483
securityreason.com/securityalert/2301
www.kb.cert.org/vuls/id/615857
www.securityfocus.com/archive/1/460735/100/0/threaded
www.securityfocus.com/archive/1/460928/100/0/threaded
www.securityfocus.com/bid/22650
www.securitytracker.com/id?1017686
www.watchfire.com/resources/Overtaking-Google-Desktop.pdf
Related
nvd
nvd
CVE-2007-1085
2007-02-23 03:28:00
securityvulns
securityvulns
Google Desktop unauthorized access
2007-03-01 00:00:00
nessus
nessus
Google Desktop Advanced Search Internal Web Server XSS
2007-02-26 00:00:00
cve
cve
CVE-2007-1085
2007-02-23 03:28:00
prion
prion
Cross site scripting
2007-02-23 03:28:00