[3849] in WWW Security List Archive
Re: More Netscape 'secret' codes...
daemon@ATHENA.MIT.EDU (htorgema@novice.uwaterloo.ca)
Thu Dec 19 19:45:14 1996
From: htorgema@novice.uwaterloo.ca
Date: Thu, 19 Dec 1996 16:10:12 -0500 (EST)
cc: www-security@ns2.rutgers.edu
In-Reply-To: <19961217.181648.14022.2.wiseleo@juno.com>
Errors-To: owner-www-security@ns2.rutgers.edu
On Tue, 17 Dec 1996, Leonid S Knyshov wrote:
> Hmm... A potential danger I think is POP3:
>
> Or its variaton, I don't have the Navigator opened right now.
>
> Yes, that's it, it opens mailbox...I wonder if its possible to steal mail
> by having this a hidden value in a form...
>
> I am going to try out other feautures, meanwhile lets check out MSIE for
> nice surprises...
About MSIE, for those of you not reading the BOS mailing list, here's an
interesting message. I can't test it, but I'd love to know if this really
work.
Date: Mon, 16 Dec 1996 10:08:07 -0500
From: Matthew Aldous <mda@discovery.mhri.edu.au>
To: best-of-security@suburbia.net
Subject: BoS: spot the potential
Just when you thought it was safe to point 'n click - I just found this
in my backlog of comp.risks stuff, and I thought I'd just mention it here,
for those who missed it. I'm now more anti billy boy than ever. ojnk.
spot the potential.
------------------------------------------------------------------------------
http://www.microsoft.com/java/sdk/getstart/javac007.htm :
Updating the Java Support on a User's Machine
If you are placing an applet that uses COM on an HTML page accessible from
the Internet, you must ensure that any users who encounter that page have a
version of the Java Support for Internet Explorer that fully supports
Java/COM integration.
To do this, you must insert the following tag on the HTML page
containing your applet (or on the introductory page of your Web site):
<OBJECT
CLASSID="clsid:08B0E5C0-4FCB-11CF-AAA5-00401C608500"
CODEBASE="http://www.microsoft.com/java/IE30Java.cab#Version=1,0,0,1">
</OBJECT>
This tag causes the user's Internet Explorer to check the version of its
Java support. If the version installed on the user's machine is not
up-to-date,
Internet Explorer downloads the latest version of Java support from
http://www.microsoft.com and updates the user's machine.
------------------------------------------------------------------------------
--
-------------------------------------------------------------------------------
"System Administration: It's a dirty job, but someone said I had to do it."
Matthew Aldous : 019339629 : mda@mhri.edu.au : Mental Health Research Institute
-------------------------------------------------------------------------------
---------------
Henri Torgemane http://www.undergrad.math.uwaterloo.ca/~htorgema/
Never let your sense of morals prevent you from doing what is right.
-- Salvor Hardin, "Foundation"
