cross site scripting
Microsoft Anti-Cross Site Scripting Library 3.0
Will help you to protect your current applications from cross-site scripting attacks, at the same time helping you to protect your legacy application with its Security Runtime Engine more>> Microsoft Anti-Cross Site Scripting Library 3.0 allows you to prevent your recent applications from cross-site scripting attacks, at the same time helping you to protect your legacy application with its Security Runtime Engine.<<less
Microsoft Windows 2000 Patch: Indexing Service Cross Site Scripting Update
Microsoft Windows 2000 Patch: Indexing Service Cross Site Scripting Update is written to be a handy program which can help tackle the Indexing Services Cross Site Scripting vulnerability more>>
Microsoft Windows 2000 Patch: Indexing Service Cross Site Scripting Update is written to be a handy program which can help tackle the "Indexing Services Cross Site Scripting" vulnerability in Indexing Services for Windows 2000 and discussed in Microsoft Security Bulletin MS00-084. Download now to prevent a malicious user from introducing code on your Web server and returning it as a Web page to a visiting browser.
Indexing Services is a search engine that is integrated with Internet Information Services (IIS) 5.0 and Windows 2000 that allows browsers to perform full-text searches of Web sites. Indexing Services does not properly validate all search inputs before processing them, and is consequently vulnerable to Cross-Site Scripting (CSS). CSS allows a malicious user to "inject" code into another person's Web session. If a malicious user is successful in exploiting this vulnerability, he or she can use a Web site hosted by your server to run code on a visting user's browser each time it returns to your Web site.
Note Indexing Services ships and installs with Windows 2000, but is not enabled by default. If you are running Web servers on Windows 2000 and you have enabled Indexing Services, Microsoft recommends that you apply this update.
eBay Niche Site Script 2.0
The eBay Niche Site Script is a PHP script that PLUGS IN to your website more>> The eBay Niche Site Script is a PHP script that PLUGS IN to your website or Ecommerce site allowing you to display Ebay products via RSS You can build an entire Niche shop site with dynamic links through to ebay products<<less
Website-Scripts 1
A large PHP, CGI, Perl, JavaScript, Java and ASP script directory site. more>> Website-Scripts is a large PHP, CGI, Perl, JavaScript, Java and ASP script directory site. All Web scripts have been categorised into many sub categories within each main language category. Many are designed to help enhance the layout and functionality of developers websites. Many scripts are free to download and use.<<less
Michigan web site hosting 1.0
Michigan web site hosting toolbar for Internet Explorer. Find hosting services for the michigan area. Easily find the best hosting services for you fr... more>> <<less
Microsoft IIS4 Cross-Site Scripting Vulnerability Patch (MS00-060)
Microsoft IIS4 Cross-Site Scripting Vulnerability Patch (MS00-060) is a professional and smart patch which eliminates security vulnerabilities in the Microsoft Internet Information Server. more>>
Microsoft IIS4 "Cross-Site Scripting" Vulnerability Patch (MS00-060) is a professional and smart patch which eliminates security vulnerabilities in the Microsoft Internet Information Server.
The vulnerabilities could allow a malicious Web site operator to misuse another Web site as a means of attacking users. This vulnerability, known as Cross-Site Scripting (CSS), results when Web applications don't properly validate inputs before using them in dynamic Web pages. If malicious Web site operators were able to lure a user to their site, and had identified a third-party Web site that was vulnerable to CSS, they could potentially use the vulnerability to ""inject"" script into a Web page created by the other Web site, which would then be delivered to the user.
The net effect would be to cause the malicious user's script to run on the user's machine. The vulnerability can affect any software that runs on a Web server, accepts user input, and blindly uses it to generate Web pages. Microsoft recommends that all vendors check their products to see if any are affected by the vulnerability, and initiated a check of its own products, as well. Several features in IIS were found to be affected--some were found by Microsoft internal teams, and others were identified by customers--and this patch eliminates all of them.
MS-Agent Scripting Software 2.2
MASS is an easy to use tool to create MS Agent scripts with animated, speaking characters. You can easily create agent scripts by dragging the charact... more>> <<less
Cross Fire v1021 Updated Client 1021
Cross Fire v1021 Updated Client 1021 is designed as the latest update client file for gamer! This updated client includes new weapons, new items, and more. Read the readme for details. more>> <<less
Cross Cultural Communication 1.0
Speedy Information toolbar for Internet Explorer. Find information on Sports and 400 odd niches. more>>
Speedy Information toolbar for Internet Explorer. Find information on Sports and 400 odd niches. Easily gain all the information you need directly from your browser tool bar.
Requirements: Internet Explorer
<<lessTrillian Scripting Host 0.31
Trillian Scripting Host will give you the opportunity to write your own Trillian plugin in JScript more>>
Windows 2000 IIS5 Security Patch: IIS Cross-Site Scripting Vulnerability Q275657
Windows 2000 IIS5 Security Patch: IIS Cross-Site Scripting Vulnerability is released as a customizable and helpful patch that eliminates a vulnerability in Microsoft Internet Information Server. more>>
Windows 2000 IIS5 Security Patch: IIS Cross-Site Scripting Vulnerability Q275657 is released as a customizable and helpful patch that eliminates a vulnerability in Microsoft Internet Information Server.
However, an additional variant of the vulnerability was subsequently identified, and on October 30, 2000, the bulletin was updated to advise customers of the availability of an updated patch.The updated patch eliminates all known variants of the vulnerability.
Requirements: Windows 2000
XML for Script 2.1
XML for Script is considered to be a handy and useful non-validating JavaScript XML parser which is designed to help Web application designers implement cross platform, client-side manipulation of XML data. more>> <<less
Microsoft Security Bulletin MS03-047 828489
Vulnerability in Exchange Server 5.5 Could Allow Scripting Attack more>> A cross-site scripting (XSS) vulnerability results due to the way that Outlook Web Access (OWA) performs HTML encoding in the Compose New Message form.
An attacker could seek to exploit this vulnerability by having a user run script on the attackers behalf. The script would execute in the security context of the user. If the script executes in the security context of the user, the attackers code could then execute by using the security settings of the OWA Web site (or of a Web site that is hosted on the same server as the OWA Web site) and could enable the attacker to access any data belonging to the site where the user has access.
To exploit this vulnerability through OWA, an attacker would have to send an e-mail message that has a specially-formed link to the user. The user would then have to click the link. To exploit this vulnerability in another way, an attacker would have to know the name of the users Exchange server and then entice the user to open a specially-formed link from another source while the user is logged on to OWA.
Note: Customers who have customized any of the ASP pages in the File Information section in this document should backup those files before applying this patch as they will be overwritten when the patch is applied. Any customizations would then need to be reapplied to the new ASP pages. Please refer to the Microsoft Support Policy for the Customization of Outlook Web Access available at http://support.microsoft.com/default.aspx?scid=kb;en-us;327178
<<less10 Useful DHTML Scripts Collection 1.0
10 Useful DHTML Scripts Collection is a compilation of 10 useful DHTML scripts to enhance your Web site with more>>
Microsoft Security Bulletin Summary for August 1.0
Bulletin Identifier Microsoft Security Bulletin MS04-026 Bulletin Title Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436) more>> Bulletin Identifier
Microsoft Security Bulletin MS04-026
Bulletin Title
Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436)
Executive Summary
A cross-site scripting and spoofing vulnerability exists in OWA for Exchange Server 5.5 that could cause a user to run script on the attackers behalf.
Maximum Severity Rating
Moderate
Impact of Vulnerability
Remote Code Execution
Affected Software
Microsoft Exchange, Outlook Web Access. For more information, see the Affected Software and Download Locations section.
