Site menu:

Welcome | Products & Services | Security Portal | Commentary | Employment | FAQ | Privacy |

Innovation in Information Security

Coverage of important Information Security and Information Technology news and events from the research team at S?nnet Beskerming.

Username: | Password: Contact us to request an account

Problems in Custom Search Engines

Custom search engines are offered by the major online search providers to give site maintainers an easy-to-use search engine that site visitors can use to search their site and the Internet at large.

The ongoing Month of Search Engine Bugs has uncovered vulnerabilities that are affecting the custom search engine solutions from both Google and Yahoo! For an otherwise secure site, the presence of these third party extensions could represent a significant security threat that will allow an attacker to capture sensitive user data (from cookies) or perform arbitrary XSS or HTML injection attacks.

Site administrators should weigh up the risks and benefits of using third party code on their sites, irrespective of the source.

16 June 2007

Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis

Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.

Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.

Comments will soon be available for registered users.

More information:

Subscribe to our feed.

Commentary & Insight From Sûnnet Beskerming202420232022202120202019201820172016201520142013201220112010200920082007 - December - November - October - September - August - July - JuneHunting SafariAcknowledging the Importance of Web SecurityA BlackHat ShowdownVista Security Claims Not All They AppearMicrosoft.co.uk Loses FaceHarry Potter Real-World PSYOPSQuicken Recovery Password Discovered?Data Theft Incident WorsensHey, What are Those Ads Doing?Symantec's Challenge to SiteAdvisorFrench Government BlackBerry use CurtailedVista's Changes Not Enough, Says GoogleThe Tribulations of Government ITConsolidation in the Security IndustryNew Web Attack Platform Draws AttentionWhat is the Value of Your Credit Card Details?Apple Release New Point ReleaseMicrosoft Movements With Widespread EffectsHiding What is in use on VistaYahoo! Founder Steps Back in as CEOProblems in Custom Search EnginesThe Art of Seeing What's Not ThereGaming the System = $1,000,000 USD?An Apple a DayMicrosoft's June Security Patch ReleaseFrom Release to Attack in a Few HoursMore Results From the Month of Search Engine BugsInformation Security Expert MovesI Know What You Did Last VisitRecent Yahoo! Messenger Vulnerabilities Attract AttacksThis is not a Real Security UpdateJune 2007 Microsoft Security Patch Advance NotificationRisks of Persistent StorageTech Community Pressure Helps get Case Turned OverWeb Servers as Viewed by GoogleMOSEB UnderwayDeveloping Safe Sites is HardMisidentification HurtsCity Loses Funds After Systems InfectedAntivirus Vendors and Filtering VulnerabilitiesWhen Good Intentions go Bad - May - April - March - February - January20062005

Patch Briefs

Reach Us:

Reach us at
info@beskerming.com

Reach us via IM

Jabber:
Server - jabber.org.au Account - Sunnet.Beskerming

AIM / iChat:
sunnetbeskerming

ICQ:
339742914

Google Talk:
Sunnet.Beskerming

Yahoo! Messenger:
sunnet.beskerming

MSN:
info@beskerming.com

Testimonials

"...extremely timely, accurate reporting..."

"...honesty which is refreshing..."

Copyright © 2005-2011 Sûnnet Beskerming Pty. Ltd. Design by Andreas Viklund.