Wednesday, June 5, 2019

Security and Vulnerabilities of Browser Applications

Hi friends,

I would like to discuss the ashes vulnerabilities, relevant CVE identifiers, cyber security solution and some of the common findings I encountered while using web browser applications. Security vulnerabilities are weaknesses that help attackers introduce malware and other threats to the system. These threats are harmful to software and internet applications and are mitigated by various security mechanisms and procedures. Both hardware and software are vulnerable to various threats, and appropriate security measures need to be addressed.

Cross site scripting is a vulnerability which may be initially intentional in a legal way. The attacker efficiently carries out a malevolent mission in the user's browser when the user happens to visit a fake URL. For instance, the malicious script which possesses XSS bugs will be executed in the context of a website. In order to run malicious JavaScript in the user's browser, the attacker manipulates a user into visiting the webpage with the injected JavaScript payload.

Common Vulnerabilities and Exposures (CVE)

It is a dictionary of common names for cyber security vulnerabilities. The products and services well-suited with CVE earmark better exposure, interoperability and improved protection. The following is a list of recent cross site scripting vulnerabilities in the CVE database.

eClinicalWorks Patient Portal 7.0 build 13 was designed on January 27, 2017. The common vulnerability identifier is 95835 and the entry is CVE-2017-5599. This was encountered with a cross site scripting vulnerability which affects the page within the patient portal. The socially manipulated payload executed within the patient portal JavaScript page without any authentication. This vulnerability pulls out important information or attacks the user's browser.

The CVE entries are CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, CVE-2016-4262, CVE-2016-4263, CVE-2016-6980.

Cyber security measures and solutions for the above vulnerabilities

The security measures like adding plug-in antivirus or firewall software applications in the browser can scan incoming and outgoing data traffic, scan and analyse suspicious files and malicious applications, protect personal information and online transactions, and protect against untrusted Wi-Fi.

The vulnerabilities discovered in my system/common findings

When I opened the manipulated URL, the payload executed within my browser without any authentication. This led to infection and entry of XSS bugs into my system. The system vulnerabilities discovered are:

a) Cross site scripting led attack on browser applications and operating system
b) Unauthenticated access to the personal/sensitive information
c) Entry of malicious applications and bugs

References

https://www.hq.nasa.gov/security/it_threats_vulnerabilities.htm
https://www.symantec.com/connect/articles/five-common-web-application-vulnerabilities
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=cross+site+scripting

Response 1

Hi,

I would like to extend the discussion of System Vulnerabilities: Adobe Flash Player and security concerns. Adobe Flash Player is an application used to generate graphics, animations, browser games, rich internet applications, desktop applications and mobile games. Till now, Adobe has more than 94 vulnerabilities. I would like to mention some of the cyber security solutions which improve the protection of Adobe Flash Player, such as periodic updates of the software and always using cyber security tools with multilayer protection. Mostly, cyber criminals hack the default Chrome plugins like Adobe Flash Player. The recent security improvements were made by experts in the Night watch cyber security team in duck soup software development to help their customers and solve the issues. Adobe AIR security facilitates a controlled environment for the unfaithful websites and running other applications from various resources.

Response 2

Hello Avinash,

I would like to mention the advanced versions of IBM Web knowledge base applications designed with security functions. These IBM WSA version 7, V8, V8.5 are prone to the attacker and prevent the gathering of sensitive information. The SSLv3 vulnerability (CVE-2014-3566) is the reason for the loss of sensitive information from the IBM server. This can be appropriately mitigated by the IBM web server security versions with default security. Most valuable infrastructure based preventive measures are integrated into the web sphere application server. So the advanced versions of the web application can counter the malware and leakage of sensitive information from a server.

With regards
