Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability

Discussion in 'other security issues & news' started by tlu, Feb 22, 2007.

Thread Status:
Not open for further replies.
  1. tlu

    tlu Guest

    Firefox bookmark cross-domain travel vulnerability

    The well-known security expert Michal Zalewski found a new Firefox vulnerability described on http://lcamtuf.coredump.cx/ffbook/#

    The problem is already discussed on Bugzilla

    The extension Noscript, which has often been recommended here in the forum, is a good protection against this new vulnerability.
     
  2. tlu

    tlu Guest

    Ron, you merged my posting into this thread. That's okay - I just want to make sure that this is another vulnerability. It's probably advisable to forbid bookmarklets in Noscript as a countermeasure.
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,881
    Location:
    Texas
    My error Thomas. It is a separate issue. Post restored.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.