Direct Links
english
deutsch

FileBox Login
Offene Stellen / Jobs
 

Oracle RDC Onsite XSS Vulnerability

October 18, 2011;

Michael Schmidt from Compass Security identified a vulnerability in an Oracle product. It is possible to insert JavaScript code into the search form of the RDC Onsite Help form. This JavaScript code is returned to the user without critical characters being replaced to their corresponding HTML entities. Oracle confirmed this vulnerability and released a patch. Oracle Tracking ID: 18244549 Advisory Date: 2011-10-18

Links:
 

News

Are you Forensic Ready?
5/2/12 - IT Forensic

CeBIT 2012: Live-Hacking@CeBIT 2012: Mobility versus Security - Who will win?
2/29/12 - CeBIT as the heart of the digital world

HTML5 Web Security
12/7/11 - HTML5 Security Research Report

Review BlackHat / Defcon 2011
11/8/11 - This year, as every year, two security analysts of Compass Security AG participated in the BlackHat and Defcon in Las Vegas.

Oracle RDC Onsite XSS Vulnerability
10/18/11 - Compass Security has found a vulnerability in ORACLE RDC ONSITE.