View Full Version : Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability
ronjor
February 16th, 2007, 07:17 AM
-{ Quote: "Description:
Michal Zalewski has reported a vulnerability in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions" }-Secunia (http://secunia.com/advisories/24175/)
Mrkvonic
February 16th, 2007, 07:50 AM
Hello,
Requires javascript enabled and session cookies accepted.
Mrk
tlu
February 17th, 2007, 02:46 PM
-{ Quote: "Hello,
Requires javascript enabled and session cookies accepted.
Mrk" }-
... which is another confirmation how important the extension Noscript is.
Brian N
February 18th, 2007, 07:44 PM
And you can test it here: http://lcamtuf.dione.cc/ffhostname.html
nadirah
February 19th, 2007, 11:18 AM
-{ Quote: "And you can test it here: http://lcamtuf.dione.cc/ffhostname.html" }-
NoScript saved my life.
ronjor
February 22nd, 2007, 07:03 PM
Mozilla Working On Fix For Firefox Flaw -{ Quote: "The security update for the open-source browser originally was slated to be released on Feb. 21 but was pushed back in order to accommodate a fix for this new flaw " the location.hostname vulnerability -- and other security and stability issues." }-Article (http://www.informationweek.com/story/showArticle.jhtml?articleID=197008167)
vBulletin® Copyright ©2000-2012, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2012, Wilders Security Forums