iBackDoor: High-Risk Code Hits iOS Apps

Introduction FireEye mobile researchers recently discovered potentially “backdoored” versions of an ad library embedded in thousands of iOS apps originally published in the Apple App Store. The affected versions of this library embedded functionality in iOS apps that used the library to display...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to inject arbitrary web script or HTML via a crafted HTTP request to a 1 ColdFusion or 2 JavaScript component...

[SECURITY] Fedora 12 Update: xinha-0.96.1-1.fc12

Xinha is a Javascript component that can be used to enhance a textarea fiel d in HTML. It can be used on its own or as part of a larger WYSIWYG module such as Scribite...

CVE-2005-0976

AppleWebKit-based browsers (WebCore/WebKit) are affected by CVE-2005-0976, which allows remote attackers to read local files via the XMLHttpRequest component. The vulnerability affects Safari 1.2+ and OmniWeb 5.1+ (and other WebKit-based apps using file: URLs), triggered by attacker‑supplied cont...