Artikel-Archiv: „September 2011“

iOS-Skype angreifbar. Nachsitzen ist überfällig.

A Cross-Site Scripting vulnerability exists in the „Chat Message“ window in Skype 3.0.1 and earlier versions for iPhone and iPod Touch devices. Skype uses a locally stored HTML file to display chat messages from other Skype users, but it fails to properly encode the incoming users „Full Name“, allowing an attacker to craft malicious JavaScriptweiterlesen