[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Malicious Code Execution Vulnerability In the URL Of crowdstar (Facebook Application Devloper)

To: h4ck3r_in@xxxxxxxxxxxxxxxx, null-co-in@xxxxxxxxxxxxxxxx, sec-adv@xxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Malicious Code Execution Vulnerability In the URL Of crowdstar (Facebook Application Devloper)
From: rockey killer <skg102@xxxxxxxxx>
Date: Thu, 4 Feb 2010 14:33:24 +0530

About Crowdstar <http://www.crowdstar.com>

The coolest social gaming company that provides games for social networking
sites as like in  facebook.com . There are applications on the facebook
which are bieng devloped by crowdstar.

Vulnerability

Malicious code execution in the URL and redirection in the URL , which can
be further utilised to comromise accounts of users of facebook.

Vulnerability Reported on

Wed, Jan 20, 2010 at 12:37 AM

Vulnerability was fixed on

Wed, Jan 20, 2010 at 1:24 AM

Vulnerability was fixed by

Suren Markosian  (Technical Member of Crowdstar)

Credits

This Vulnerability was discovered and reported by H4CK3R Crew<http://h4ck3r.in/>

-- 

Rockey Killer

It's all about Hacking and Security

http://h4ck3r.in/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Anyone got a contact at PGP?
Next by Date: Re: [Full-disclosure] anybody know good service for cracking md5?
Previous by thread: Re: [Full-disclosure] Anyone got a contact at PGP?
Next by thread: Re: [Full-disclosure] anybody know good service for cracking md5? 6A9-4CD
Index(es):
- Date
- Thread