RootDev@blog:~$

Publicaremos poco a poco nuevas vulnerabilidades que vayan apareciendo e intentaremos explicar la forma más sencilla de corregir y/o parchear ésta, a la par que indicando un poco por encima de qué trata cada vulnerabilidad :-)


Elgg 1.8 beta2 and prior to 1.7.11 'container_guid' and 'owner_guid' SQL Injection

Calisto light, light plus and full, SQL Injection and user or Admin bypass

Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability

Google Chrome Instaled extensions arbitrary detection

Safari for windows Invalid SGV text style Webkit.dll DoS

Google Chrome and Chrome frame Prompt DoS

Safari for windows Long link DoS

K-Meleon for windows about:neterror Stack Overflow DoS

Google Services Notifier Chrome extension XSS/CSRF

Notifier for Google Wave Chrome extension XSS/CSRF

Gmail Checker plus Chrome extension XSS/CSRF (Parte II)

Gmail Checker plus Chrome extension XSS

Firefox 3.6.2 & 3.6.3 and flock 2.5 browsers uncaught excepcion DoS

Flock browser marquee tag DoS

Internet explorer 7 & 8 URL Validation Vulnerability

Internet explorer 6, 7 y 8 URL Validation Vulnerability

Google Chrome Frame null domain XSS

Wowd search client multiple variable XSS

Cofidis.es pudo ver sus datos comprometidos

IE8 Save as Title Bug

Multiple Browsers Fake url folder & file Same origin Spoof

Bing.com WebmasterAuthenticationInformationPage.aspx XSS

Internet explorer pwned Avant Browser

Orca Browser browser:home Persistent XSS vulnerability

Avant Browser browser:home Vulnerabilidades XSS Persistentes

Bing.com Search engine, cache.aspx XSS

Google Chrome About:blank spoof

Google Chrome close() issue

Comtrend HG536+ poligon firmware tftp vulnerable

Caja Granada parchea su web

Ejecución automática de aplicaciones en Safari 4

Vulnerabilidades en Comtrend HG536+

IE8 beta RC1 res://ieframe.dll/acr_error.htm Spoofing

Vulnerabilidad en GMail permite cambiar la contraseña de acceso sin permiso alguno

Entidades bancarias españolas ante el phishing II

Safari 3.2.1 for Windows SafariURL protocol Handler abusse(null Deference)

Safari for Windows 3.2.1 Remote http: URI handler DoS

La banca española ante el phising