日韩无码专区无码一级三级片|91人人爱网站中日韩无码电影|厨房大战丰满熟妇|AV高清无码在线免费观看|另类AV日韩少妇熟女|中文日本大黄一级黄色片|色情在线视频免费|亚洲成人特黄a片|黄片wwwav色图欧美|欧亚乱色一区二区三区

RELATEED CONSULTING
相關(guān)咨詢
選擇下列產(chǎn)品馬上在線溝通
服務(wù)時(shí)間:8:30-17:00
你可能遇到了下面的問題
關(guān)閉右側(cè)工具欄

新聞中心

這里有您想知道的互聯(lián)網(wǎng)營(yíng)銷解決方案
譯文:英特爾安全中心爆跨站漏洞

英特爾安全中心是家提供英特爾產(chǎn)品安全問題咨詢的機(jī)構(gòu)。“通過安全警告和安全告示,英特爾一直在致力于改善我們的客戶計(jì)算環(huán)境的安全。

創(chuàng)新互聯(lián)公司專注于網(wǎng)站建設(shè)|企業(yè)網(wǎng)站維護(hù)|優(yōu)化|托管以及網(wǎng)絡(luò)推廣,積累了大量的網(wǎng)站設(shè)計(jì)與制作經(jīng)驗(yàn),為許多企業(yè)提供了網(wǎng)站定制設(shè)計(jì)服務(wù),案例作品覆蓋成都不銹鋼雕塑等行業(yè)。能根據(jù)企業(yè)所處的行業(yè)與銷售的產(chǎn)品,結(jié)合品牌形象的塑造,量身設(shè)計(jì)品質(zhì)網(wǎng)站。

因?yàn)樗鼈兊某霈F(xiàn),我們將致力于迅速解決該問題,并提供解決問題建議,”在主頁網(wǎng)站上的一條消息說明。

在http://security-center.intel.com上的跨站腳本漏洞是一個(gè)名叫Methodman的黑客發(fā)現(xiàn)的。這個(gè)安全漏洞似乎影響到所有咨詢網(wǎng)頁,可以使用個(gè)人發(fā)布的惡意軟件,進(jìn)行釣魚或各種不同的惡意攻擊。

Methodman公布了代碼的和截圖證明,演示攻擊者如何注入任意的IFRAME網(wǎng)址或引發(fā)重定向到另一個(gè)鏈接。此外,劫持cookie會(huì)話或開惡意玩笑也是可能的。作者寫完這篇文章時(shí),該漏洞仍然存在。
  

原文如下:
  Intel Security Center Lacks Security
  A cross-site scripting flaw affecting the Intel Product Security Center website has been disclosed. Successful exploitation allows for rogue iframe injection, arbitrary redirection and session cookie hijacking.
  The Intel Security Center is home to advisories regarding security issues that affect Intel products. "Intel is focused on improving the security of our customers computing environments. We are committed to rapidly addressing issues as they arise, and providing recommendations through security advisories and security notices," a message on the website's main page notes.
  The XSS weakness on http://security-center.intel.com has been discovered by a hacker going by the nickname of Methodman. The flaw seems to affect all advisory pages and can be used by ill-intentioned individuals to distribute malware, launch phishing campaigns, or instrument various malicious attacks.
  The proof-of-concept code and screenshots published by Methodman demonstrate how poor URL validation allows an attacker to inject an arbitrary iframe or trigger a redirection to another link. In addition, revealing session cookies or launching rogue alerts is also possible. At the time this article was being writtten, the flaws were still active.


網(wǎng)頁名稱:譯文:英特爾安全中心爆跨站漏洞
轉(zhuǎn)載注明:http://m.5511xx.com/article/cdghdhj.html