Discussion in 'other security issues & news' started by ronjor, Dec 8, 2005.
Where: From remote
I'd be curious about one angle of this. I've got history set to zero days, and "Clear history" has always been greyed out, implying I've got no history.dat file (I'm too lazy to actually look).
Wonder if this exploit creates a history.dat, if there isn't already one for it to "do its thing"? If not, it suggests that zero-days could be a useful work-around till we get a real patch from Mozilla.
I have mine set to zero as well. I do have a history.dat file though, 1kb in size.
A quick search from the start menu shows the file.
Edited: I did have a history.dat file in a backup. Using zero days, no history.dat file is saved.
There is a workaroud from Bugzilla for this bug: Add
to your prefs.js .
Editing configuration files. http://www.mozilla.org/support/firefox/edit
Separate names with a comma.