Cross-site Scripting Vulnerability in Google Desktop by Google
CVE-2007-1085

Currently unrated

Key Information:

Vendor

Google
Status
Desktop
Vendor
CVE Published:
23 February 2007

What is CVE-2007-1085?

A cross-site scripting (XSS) vulnerability in Google Desktop enables remote attackers to execute arbitrary web scripts or HTML on user systems. This is achieved by exploiting an XSS flaw in google.com that allows attackers to extract the internal web server's signature. By manipulating the 'under' parameter in an Advanced Search, attackers can successfully bypass protective measures, potentially leading to unauthorized access to user systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1017686
vdb-entryx_refsource_SECTRACK
http://www.watchfire.com/resources/Overtaking-Google-Desk...
x_refsource_MISC
http://www.securityfocus.com/archive/1/460735/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.