CVE-2007-1085

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in Google Desktop allows remote attackers to bypass protection schemes and inject arbitrary web script or HTML, and possibly gain full access to the system, by using an XSS vulnerability in google.com to extract the signature for the internal web server, then calling the "under" parameter in Advanced Search with the proper signature.

🔗 References (16)

cve@mitrehttp://osvdb.org/33483
cve@mitrehttp://securityreason.com/securityalert/2301
cve@mitrehttp://www.kb.cert.org/vuls/id/615857
cve@mitrehttp://www.securityfocus.com/archive/1/460735/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/460928/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/22650
cve@mitrehttp://www.securitytracker.com/id?1017686
cve@mitrehttp://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/33483
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/2301
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/615857
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/460735/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/460928/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22650
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017686

Is Your Infrastructure Affected by CVE-2007-1085?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-1085

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-1085?