how to prevent script based attacks ?

comodo internet security is a great tool but failed in certain tests which can execute malicious scripts
for this i think browsers may be placed in sandox unless and until required by the user to save from malicious scripts which is by far the commost kind of attack
thank you

but browsers do not seem to function when level is raised to restricted or untrusted

What tests? Please link.

hostexploit has many (for academic purpose only )

I didn’t know this site (but i am not an english native speaker either).

I shall try as soon as i have some time and provide you my feedback with the said tests.

Thanks, i allready bookmarked the link i got from Google after your last post…but give me some time to make the tests.

The site says i am vulnerable to 2 of the exploits (don’t know what to do about it, as Firefox is supposed to keep from page redirection and NoScript from scripts themselves…), but most of the tests fail…because i don’t use IE.

Excepting of course specific attacks (like ActiveX), it is a shame that whatever security test should be done only for IE.

some of the test fail in opera too

Could you be more precise? I don’t like the mysterious role you are playing here. It makes you look like somebody who is desperately after his 15 minutes of fame a postulated by Andy Warhol in the late 60’s.

To be frank with you. If you find a security problem provide us with a concise and precise description of how it works. It also should describe what we expect to happen and what actually happens.

When capable provide us with a proof of concept that does not damage our systems; we like something we can click on that corroborates your thesis.

Don’t post a link to live malware if that is your proof of concept. Please PM me or any other mod about and I will first move your post and inform Comodo staff for them to take a look and assess the problem.

The link posted by scary bear is not malware but a security site.

As i said, some of its tests don’t run for me because they are only for IE, but i fail some others: you can test by yourself.