dziury z 5 i 12 VIII 2002
wrobell
wrobell w ite.pl
Pią, 16 Sie 2002, 14:33:20 CEST
On Fri, Aug 16, 2002 at 02:09:50PM +0200, Blues wrote:
[...]
> Mozilla powoli zaczyna mieć tyle samo bugów co IE... :-/ Może przejdziemy
> na betę, przynajmniej kilka rzeczy w niej jest załatane.
Z serii 1.0.x jest już 1.0.1 release candidate 1. Nie wiem tylko czy ma
poprawione niżej wymienione błędy.
> 16. Mozilla Browser
>
> Vendor: Mozilla.org
>
> A vulnerability was reported in several vendors' web browser
> javascript same origin policy implementations, including that of
> the Mozilla browser. A remote user can write scripting code that
> may be able to retrieve intranet web content from a target user's
> internal network, even when the target user's internal network is
> protected by a firewall.
>
> Impact: Host/resource access via network
>
> Alert: http://securitytracker.com/alerts/2002/Jul/1004878.html
> 32. Mozilla Browser
>
> Vendor: Mozilla.org
>
> An input validation vulnerability was reported in the Mozilla
> web browser. A remote user may be able to conduct cross-site
> scripting attacks in certain situations.
>
> Impact: Disclosure of authentication information
>
> Alert: http://securitytracker.com/alerts/2002/Aug/1004961.html
[...]
wrobell <wrobell w ite.pl>
Więcej informacji o liście dyskusyjnej pld-devel-pl