ascii wrote: > Pete Licoln wrote: >> It's just a browser based Js redirection.... >> > http://www.nvidia.com/content/DriverDownload/download_confirmation.asp?kw=&url=http://whatismyip.com > > and what makes it worst than an http redirection? > > http://www.nvidia.com/content/DriverDownload/download_confirmation.asp?kw=&url=javascript:alert(document.domain); > > bye!
Has this been reported to nvidia's web/security team? The real test of a company's security is how fast and how well they fix security problems. Code is almost never perfect. -- Eitan Adler "Security is increased by designing for the way humans actually behave." -Jakob Nielsen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
