Security firm McAfee has confirmed that its site contains vulnerabilities, but has promised that the problems do not affect customer security.
Reports about the vulnerabilities spread on Monday after researchers posted details on the Seclists.org disclosure site.
The YGN ethical hacker group said that it had found a number of problems on the McAfee web pages, including some that could lead to cross site scripting attacks and information disclosure.
However, McAfee played down the reports, and said that the company is fixing the problems and that customers are not at risk.
"Early on Monday March 28 2011, various online news outlets reported on vulnerabilities in McAfee web sites. McAfee is aware of these vulnerabilities and we are working to fix them," the firm said in a statement.
"It is important to note that these vulnerabilities do not expose any of McAfee's customer, partner or corporate information. Additionally, we have not seen any malicious exploitation of the vulnerabilities."
Embarrassingly, this is not the first time that McAfee has had security weaknesses on its pages.
In April last year, McAfee was shamed at the popular Infosec event in London when resarchers pointed out that the company had released a security update that led to a blue screen of death on host computers.
"I want to apologise on behalf of McAfee, and say that we're extremely sorry for any impact the faulty signature update file may have caused you and your organisations," said Barry McPherson, McAfee's executive vice president of support and customer service, in a blog post after the event.
The new policy is aimed at making the social network is a safer place
Amazon robot would probably be little more than an Amazon Echo on wheels
Citrix claims Workspot has 'continued to mislead the market' and use Citrix-patented features
Using proven technology from wireless, coax and ADSL/VDSL communication