32 matches found
EUVD-2007-3142
Malware in sbrugna...
EUVD-2006-6165
Malware in sbrugna...
Google Desktop Search Remote Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11541/info Google Desktop Search is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure of the application to properly sanitize HTML tag content. An attacker may leverage this issue...
Google Desktop Cross-Site Scripting Weakness
No description provided by source. source: http://www.securityfocus.com/bid/22650/info Google Desktop is prone to a cross-site scripting weakness because the application fails to properly sanitize user-supplied input. Successful attacks must exploit this weakness in conjunction with a latent...
Google Desktop Insecure Library Loading Vulnerability
A vulnerability has been discovered in Google Desktop, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • schannel.dll This can be exploited to...
Earn Rewards for Finding Security Flaws in Gmail, YouTube, and More
Google is on the hunt for hackers to find security vulnerabilities in popular web applications like Gmail, Blogger, and YouTube. The tech giant is offering rewards starting at $500 per bug. For vulnerabilities that are "severe or unusually clever," the payout can reach up to $3,133.70...
KLA10179 Vulnerability in Google Desktop
An unspecified vulnerability was found in Google Desktop. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited by vectors related to Gadgets. Original advisories securityfocus Related products Google-Desktop CVE list Solution Update to...
[SECURITY] Fedora 9 Update: google-gadgets-0.10.5-5.fc9
Google Gadgets for Linux provides a platform for running desktop gadgets under Linux, catering to the unique needs of Linux users. It can run, without modification, many Google Desktop gadgets as well as the Universal Gadgets on iGoogle...
Google Desktop cross-site scripting vulnerability
Overview Google Desktop contains a cross-site scripting vulnerability. Google Desktop, software for searching information on local computers, contains a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the web browser of a user who uses Google Desktop. Solution...
JVN#79114735 Google Desktop cross-site scripting vulnerability
Google Desktop, software for searching information on local computers, contains a cross-site scripting vulnerability. Impact An arbitrary script could be executed on the web browser of a user who uses Google Desktop. Solution According to the vendor, this vulnerability has been fixed in Google...
CVE-2007-3150
Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, which is displayed in the "results...
Code injection
Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, which is displayed in the "results...
CVE-2007-3150
CVE-2007-3150 affects Google Desktop. The connected sources describe a user-assisted remote code execution via a man-in-the-middle attack that injects JavaScript, a Google search IFRAME, and a META HTTP-EQUIV="refresh" targeting a local executable. When the compromised link is clicked, Google Des...
CVE-2007-3150
Google Desktop allows user-assisted remote attackers to execute arbitrary programs via a man-in-the-middle attack that injects JavaScript, a www.google.com search IFRAME, and a META HTTP-EQUIV="refresh" that targets a www.google.com search for a local .exe file, which is displayed in the "results...
Google Desktop unauthorized access
By using google.com crossite scripting it's possible to take control under user's system...
Overtaking Google Desktop
Hello, A new research from Watchfire has revealed a serious vulnerability in Google Desktop. The attack, which is fully presented in a new Watchfire research paper released today available at http://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf, can allow a malicious individual to...
Google Desktop Advanced Search Internal Web Server XSS
The version of Google Desktop installed on the remote host is affected by a cross-site scripting flaw because it fails to properly encode the output for the 'under' keyword. This issue cannot be directly exploited remotely; however, when used in conjunction with a known Google.com cross-site...
Google Desktop Detection
Binary data 3924.prm...
Google Desktop Detection
Google Desktop, a search application for Windows that allows users to easily search for files on the computer, is installed on the remote host. If the 'Advanced Features' or 'Search Across Computers' options of Google Desktop are enabled, some data may be sent to Google's server, potentially...
Cross site scripting
Cross-site scripting XSS vulnerability in Google Desktop allows remote attackers to bypass protection schemes and inject arbitrary web script or HTML, and possibly gain full access to the system, by using an XSS vulnerability in google.com to extract the signature for the internal web server, the...