Flock Browser RSS Feed Cross Site Scripting Vulnerability Network Vulnerability

Summary

This host is installed with Flock browser and is prone to cross site scripting vulnerability.

Impact

Successful exploitation will allow attackers to execute HTML code in the context of the affected browser, bypass the same-origin protection and obtain potentially sensitive information. Impact Level: Application

Solution

Upgrade to the Flock version 3.0.0.4114 For updates refer to http://www.flock.com/

Insight

The flaw is due to the improper validation of user-supplied input when processing RSS feeds.

Affected

Flock versions 3.0 to 3.0.0.4113

References

http://www.securityfocus.com/archive/1/archive/1/513701/100/0/threaded
http://xforce.iss.net/xforce/xfdb/61820

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3262

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)
Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Windows)
Apple Safari Webkit Multiple Vulnerabilities - May13 (Mac OS X)

Flock Browser RSS Feed Cross site scripting Vulnerability

Take action and discover your vulnerabilities