Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability

Discussion in 'other security issues & news' started by tlu, Feb 22, 2007.

Thread Status:
Not open for further replies.
  1. tlu

    tlu Guest

    Firefox bookmark cross-domain travel vulnerability

    The well-known security expert Michal Zalewski found a new Firefox vulnerability described on http://lcamtuf.coredump.cx/ffbook/#

    The problem is already discussed on Bugzilla

    The extension Noscript, which has often been recommended here in the forum, is a good protection against this new vulnerability.
     
    tlu, Feb 22, 2007
    #1
  2. tlu

    tlu Guest

    Ron, you merged my posting into this thread. That's okay - I just want to make sure that this is another vulnerability. It's probably advisable to forbid bookmarklets in Noscript as a countermeasure.
     
    tlu, Feb 23, 2007
    #2
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    164,185
    Location:
    Texas
    My error Thomas. It is a separate issue. Post restored.
     
    ronjor, Feb 23, 2007
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...