Sponsored White Papers, Webcasts, and Downloads
TechRepublic Resources
- TechNet Webcast: How Microsoft Online Services Defends Against Cross-Site Scripting Vulnerabilities (Level 300)
- Cross-Site Scripting XSS vulnerabilities are a serious threat to providing Microsoft Online Services customers with a trustworthy computing experience. This webcast explains how inconsistently or poorly integrated validated output can cause XSS vulnerabilities. The attendee will learn how the Microsoft Anti-Cross Site Library provides product teams with a reliable, standard...
- Tags: Webcast, XSS, Cross-site Scripting Vulnerability, Microsoft Corp., Microsoft TechNet
- Webcasts 2007-04-24
- TechNet Webcast: How Microsoft Online Services Defends Against Cross-Site Scripting Vulnerabilities (Level 200)
- Cross-Site Scripting XSS vulnerabilities are a serious threat to providing Microsoft Online Services customers with a trustworthy computing experience. This webcast explains how inconsistently or poorly integrated validated output can cause XSS vulnerabilities. The attendee will learn how the Microsoft Anti-Cross Site Library provides product teams with a reliable, standard...
- Tags: Webcast, XSS, Cross-site Scripting Vulnerability, Microsoft Corp., Microsoft TechNet
- Webcasts 2007-04-24
- Windows 2000 IIS5 Security Patch: IIS Cross-Site Scripting Vulnerability (EXE)
- On August 25, 2000, Microsoft released the original version of this bulletin, to advise customers of the availability of a patch that eliminates a vulnerability in Microsoft Internet Information Server. However, an additional variant of the vulnerability was subsequently identified, and on October 30, 2000, the bulletin was updated to...
- Tags: Microsoft Windows 2000, Vulnerability, Cross-site Scripting Vulnerability, Microsoft Windows, Microsoft Corp., Bulletin, Microsoft IIS Server, Patches, Security
- Software downloads 2007-09-05
- Lock IT Down: Cumulative IIS patch includes fixes for four vulnerabilities
- Microsoft has released a cumulative IIS patch that affects Windows NT 4.0, Windows 2000, and Windows XP. Security bulletin MS03-018, "Cumulative Patch for Internet Information Service," includes patches for four recently disclosed vulnerabilities: one buffer overrun, two denial of service vectors, and one cross-site scripting threat.ApplicabilityThe cumulative patch includes all...
- Tags: information technology, John McCormick, Microsoft Corp., Microsoft IIS 5.0, Microsoft IIS Server, patch, vulnerability
- Technical articles 2003-06-09
Additional Resources
- Protect your Web site from cross-site scripting attacks
- Cross-site scripting XSS attacks, a method by which attackers embed HTML scripts either in Web postings stored XSS or input fields on a Web site reflected XSS, are gaining popularity, most likely due to the relative ease with which they can be executed on unwitting victims. You can assess the...
- Tags: Web, XSS, Web Site, Attack
- Download resources 2005-06-06
- Mozilla set to secure cross-site scripting in Firefox 3
- XSS (a.k.a. cross-site scripting) attacks are a bane that accompanies the world of mashups and Web 2.0 features on the Net. However, the problem may be solved in the next major release of Mozilla's Firefox 3 with support for the new W3C draft to secure XML over HTTP. ...
- Tags: Web, Mozilla Firefox, XSS, Mozilla Corp., Arun Radhakrishnan
- Blog posts 2007-08-23
- Use the revised OWASP Top Ten to secure your Web applications -- Part 2
- Cross site scripting XSS vulnerabilities are normally found in Web applications in which code injection is allowed. It is the most common Web application vulnerability. Scripts exploiting this weakness can cause serious problems for home and business users. In this download, Tom Olzak explores the types of cross site scripting...
- Tags: XSS, Web Application
- Download resources 2007-03-05
- Security Update for SharePoint Team Services (KB911701) (exe)
- A cross-site scripting and spoofing vulnerability exists in SharePoint Team Services from Microsoft. This update fixes that vulnerability. This version is the first release on CNET Download.com.
- Tags: Security, Microsoft SharePoint, Vulnerability, Microsoft Corp., Microsoft SharePoint Team Services, Groupware, Enterprise Software, Software
- Software downloads 2007-09-20
- Cross Site Scripting Explained
- This white paper briefs on how to stop Cross Site Scripting CSS attacks. It details the entire CSS technique and methods for securing a site against CSS attacks.
- Tags: XSS, Sanctum Inc.
- White papers 2002-06-05
- The Anatomy of Cross Site Scripting
- Cross site scripting XSS flaws are a relatively common issue in web application security, but they are still extremely lethal. They are unique in that, rather than attacking a server directly, they use a vulnerable server as a vector to attack a client. This can lead to extreme difficulty in...
- Tags: XSS
- White papers
- Security Update for FrontPage 2002 Server Extensions (KB911831) (exe)
- A cross-site scripting and spoofing vulnerability exists in FrontPage 2002 Server Extensions. This update fixes that vulnerability. This version is the first release on CNET Download.com.
- Tags: Microsoft FrontPage, Vulnerability, Server, Microsoft FrontPage 2002, Security
- Software downloads 2007-10-03
- Cross site scripting ?
- Hmm on occasion when posting a response to a question. I'm getting block foe cross site scripting from an untrusted source.This came up on NoScripts' console.Warning: Error in parsing value for property 'CURSOR'. Declaration dropped.Source File: http://by114fd.bay114.hotmail.msn.com/cgi-bin/dasp/EN/hotmail___1000000003.cssLine: 24When the question owner has a notify on ?
- Tags: Tony Hopkinson, XSS
- Discussion threads 2007-04-20
- Acunetix Web Vulnerability Scanner (exe)
- Acunetix Web Vulnerability Scanner WVS tests the security of your Web site by crawling it and launching popular attacks such as cross-site scripting and SQL injection. Identify vulnerabilities in shopping carts, forms, secured areas, and other Web applications before hackers do. 75% of Internet attacks are on Web-based applications because...
- Tags: Vulnerability, Web Application, Scanners, Security, Hardware, Peripherals
- Software downloads 2005-03-09
- Critical flaw in RealPlayer and Flash, warns US-CERT
- US-CERT has issued a warning concerning an unpatched vulnerability in RealPlayer and a flaw affecting Flash files. An excerpt from Register: A flaw in RealPlayer 11 build 6.0.14.748 might be used to inject hostile code onto Windows boxes running the software, security notification firm Secunia warns....
- Tags: Vulnerability, RealNetworks RealPlayer, Flaw, US-CERT, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Arun Radhakrishnan
- Blog posts 2008-01-04
- DOWNLOAD: Protect your Web site from cross-site scripting attacks
- http://techrepublic.com.com/5138-3513-5733744.htmlHave you had to fend off cross-site scripting attacks on your Web site? Tell us how you handled the problem and what you did to secure any vulnerability.Website securityHi Mark,Thanks for the info. This is exactly what i was looking for. Actually I had posted a message under how to...
- Tags: cross-site scripting, cross-site scripting attack, download, firewall, Java, Mark W. Kaelin, programming, security, Web, Web site, WebGoat, XSS
- Discussion threads 2005-06-06
- Google plugs 'obscure' phishing holes
- Google has fixed a security flaw that opened the door to phishing scams, account hijacks, and other attacks. Attackers could exploit the flaw, a cross-site scripting vulnerability, to launch phishing scams or steal a user's credentials.In the past, Google hasn't experienced as many security issues as other industry names--do you...
- Tags: Cyberthreats, Spam, SECURITY, Viruses and worms, phishing, Google Inc.
- Discussion threads 2005-12-22
- MSDN Webcast: Results Interpretation of Automated Web Attacking: Tips and Tricks (Level 200)
- While automated Web application vulnerability assessment tools are excellent productivity tools for developers and security professionals, these tools often yield some false-positive results. Would you like to know what you're looking at? This webcast will examine how to interpret the results of the following types of Web attacks: Cross-site scripting,...
- Tags: Microsoft Developer Network, Web, Webcast, Vulnerability Assessment, SQL, SQL Injection, Tool, Productivity, Security
- Webcasts
- What is cross-site scripting?
- Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. Many users, and even Web developers, aren't entirely clear on what the term means, however. I'll explain cross-site scripting for you, so you...
- Tags: XSS, JavaScript, Web Site, Web Browser, Exploit, Cross-site Scripting Exploit, Cookies, Web Site Development, Internet, Chad Perrin
- Blog posts 2008-03-18
- Redundant Servlets Vulnerable to XSS Attack
- Vulnerability Description: The remote web server includes an example JSP application (/tomcat-docs/) that fails to sanitise user-supplied input before using it to generate dynamic content in an error page. An unauthenticated remote attacker may be able to leverage this issue to inject arbitrary HTML or script code into a user's...
- Tags: Application servers, Middleware, OPEN SOURCE, SECURITY, Java, mihai.balta@..., documentation web application, XSS, servlet
- Discussion threads 2007-07-20
- Redundant Servlets Vulnerable to XSS Attack (Un-deploy Tomcat documentation
- Vulnerability Description: The remote web server includes an example JSP application (/tomcat-docs/) that fails to sanitise user-supplied input before using it to generate dynamic content in an error page. An unauthenticated remote attacker may be able to leverage this issue to inject arbitrary HTML or script code into a user's...
- Tags: Application servers, Middleware, OPEN SOURCE, mihai.balta@..., servlet, Apache Tomcat, documentation web application, XSS
- Discussion threads 2007-07-20
- << Previous
- page 1 of 1
- Next >>
