Community Web sites such as MySpace.com are increasingly targeted by computer hackers, who claim they debunked a large number of flaws that could be exploited to steal personal information of these social networking websites.

The alleged vulnerabilities are to be demonstrated this week at the Black Hat conference in Las Vegas. The conference is a popular gathering spot for hackers and computer security researchers.

Exploiting community sites has been an increasingly popular field of research for security engineers and computer hackers.

One of them, Rick Deacon, a 21-year-old network administrator from Beachwood, Ohio, says he's discovered a non-patched vulnerability in MySpace, that allows a hacker to execute malicious code and alter other users' Web pages.

It is said, that the flaw only affects older versions of Firefox and Internet Explorer is not affected.

Deacon claims the attack uses a cross-site scripting flaw that allows an intruder execution of a malicious code on someone else's Web page.

Security researchers and independent security experts say the flaw couldn't be well and truly verified but it is likely to be true, because cross-site scripting attacks are a big problem for community wesites, where it's difficult to police the content.

Deacon reported the flaw requires an action of a user to be executed. A victim clicks on a forged link that leads to a Web site that hijacks cookie information.

MySpace declined to comment about Deacon's revealing. Instead, the company issued a statement saying "it's our responsibility to have the most responsive, solely dedicated 24-7 safety and security team, and we do."

Source: www.best-spyware-removal.com