Security firm McAfee has confirmed that its site contains vulnerabilities, but has promised that the problems do not affect customer security.
Reports about the vulnerabilities spread on Monday after researchers posted details on the Seclists.org disclosure site.
The YGN ethical hacker group said that it had found a number of problems on the McAfee web pages, including some that could lead to cross site scripting attacks and information disclosure.
However, McAfee played down the reports, and said that the company is fixing the problems and that customers are not at risk.
"Early on Monday March 28 2011, various online news outlets reported on vulnerabilities in McAfee web sites. McAfee is aware of these vulnerabilities and we are working to fix them," the firm said in a statement.
"It is important to note that these vulnerabilities do not expose any of McAfee's customer, partner or corporate information. Additionally, we have not seen any malicious exploitation of the vulnerabilities."
Embarrassingly, this is not the first time that McAfee has had security weaknesses on its pages.
In April last year, McAfee was shamed at the popular Infosec event in London when resarchers pointed out that the company had released a security update that led to a blue screen of death on host computers.
"I want to apologise on behalf of McAfee, and say that we're extremely sorry for any impact the faulty signature update file may have caused you and your organisations," said Barry McPherson, McAfee's executive vice president of support and customer service, in a blog post after the event.
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff