Now Playing

Despicable Me 2


smile

Todays Trailer & Spoiler :

Despicable Me 2

Release: Since JULY 2013


Plot Summary

Get ready for a minion laughs in the funniest blockbuster hit of the year!

Vying for the title of “World’s Greatest Villain”, Gru (voiced by Steve Carell) – along with his hilarious crew of mischievous minions –

plots to pull off the craziest crime of the century: steal the moon!

But when Gru enlists the help of three little girls, they see something in him nobody else has ever seen: the perfect dad.

From executive producer Chris Meledandri (Horton Hears a Who, Ice Age), and featuring the voices of an all-star comedic cast, including Jason Segel, Russell Brand, Miranda Cosgrove and Julie Andrews, Despicable Me is “rousingly funny, heartfelt and imaginative".



Pete Hammond

OS9USER Newsroom Reporter's Profile

George Proulx Lynn Sorel Brian Palmer

Tap or Click To See Our Profile

Hacker Releases IE Attack Code (Treasure Hunt)

Thursday, May 15, 2008
One week after hiding Internet Explorer attack code on his Web site, security researcher Aviv Raff has posted details on how to launch the attack.

The bug lies in the "Print Table of Links" feature, which lets IE users print out a Web page along with a list of all the links on the page tacked onto the end.

In this article, I included some sample code of this bug. The code executes Windows Calculator (harmless). But first lets talk some more about this bug.

Summary

Internet Explorer is prone to a Cross-Zone Scripting vulnerability in its “Print Table of Links” feature. This feature allows users to add to a printed web page an appendix which contains a table of all the links in that web page.

An attacker can easily add a specially crafted link to a web page (e.g. at his own website, comments in blogs, social networks, Wikipedia, etc.), so whenever a user will print this web page with this feature enabled, the attacker will be able to run arbitrary code on the user’s machine (i.e. in order to take control over the machine).

Affected version

Internet Explorer 7.0 and 8.0b on a fully patched Windows XP.

Windows Vista with UAC enabled is partially affected (Information Leakage only).

Earlier versions of Internet Explorer may also be affected.

Technical details

Whenever a user prints a page, Internet Explorer uses a local resource script which generates an new HTML to be printed. This HTML consists of the following elements: Header, web page body, Footer, and if enabled, also the table of links in the web page.

While the script takes only the text within the link’s inner data, it does not validate the URL of links, and add it to the HTML as it is. This allows to inject a script that will be executed when the new HTML will be generated.

Proof of Concept

The following is an example of a URL which executes Windows Calculator:


http://www.google.com/?q=<script defer>new ActiveXObject(“Wscript.Shell”).run(“calc”)</script>


A live proof-of-concept can be found at milw0rm.

Microsoft is
thinking about putting a fix for the problem in an upcoming security update, the company said in a statement. It too downplayed the risk.

Now you know why OS9USER hates Microsoft !

Labels:


0 Comments left so far ...

Post a Comment






 

How How 'Star Trek's Sulu' Is Waging War On Russia

You probably associate "Star Trek" star George Takei with funny Facebook posts and clever, well-informed commentary. Only lately has the former Sulu taken on a more serious role on the world stage ... Read More ...

Watch for Updates !
TV: Tonight's Picks

YouTube Video's

Box Office Movies

OS9USER Trending Stories

iTunes Song




iTunes Top Free


Best Android APP Award


OS9USER Editor's Choice :

Top Free App : TweetCaster for Twitter
(Free)

Anyone who wants to use Twitter on a tablet should take a look at TweetCaster. It has an intuitive interface and a veritable feast of features including support for multiple accounts, a powerful search function, speech to text for tweets, filters, themes, widgets … the list goes on and on. It’s a solid and reliable app that manages to pack in a lot of functionality without overwhelming you. It’s better than the official Twitter app.


iTunes Top Free Movies


Play Station Game Review

OS9USER.Android APPS Review Corner



We Provide News
To 33 Country(s)
Around The World

Grab Our RSS News Feed
On Your Device


HomePage Updated Daily !

OS9USER News Room

Click Here &
Bookmark Us

Works on Iphone & Ipads !

Powered by Blogger



OS9USER News Room Copyright © 2006-2013 All Rights Reserved.