[5020] in bugtraq
Netspace Singapore Privacy Bug
daemon@ATHENA.MIT.EDU (Aleph One)
Mon Jul 28 11:04:58 1997
Date: Sat, 26 Jul 1997 19:31:52 -0500
Reply-To: Aleph One <aleph1@DFW.NET>
From: Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
[Netscape Security]
SECURITY UPDATE
THE SINGAPORE PRIVACY BUG
July 25, 1997
-----------------------------------------------------------------------=
-----
The Singapore Privacy Bug that affects Netscape Communicator has been
identified and fixed. The fix is being tested and will be included in t=
he
next release of Netscape Communicator, which is expected to be availabl=
e in
the next few weeks. Netscape Navigator 2.x and 3.x are unaffected by th=
is
bug.
The Singapore Privacy Bug allows a hacker to observe a user's activity =
on
the Web. It allows a hacker web site to exploit LiveConnect to observe =
which
URLs a user visits, the data a user enters into HTML forms (including
passwords), and data placed into a user's cookie file. The bug does not
allow a malicious web site operator to see, erase, or steal data from a
user's hard disk.
LiveConnect is a technology that enables communication between JavaScri=
pt
and Java applets in a page.
Netscape will keep customers informed through updates on the Security
Solutions page.
-----------------------------------------------------------------------=
-----
[Navigation bar]
Corporate Sales: 415/937-2555; Personal Sales: 415/937-3777; Governm=
ent
Sales: 415/937-3678
If you have any questions, please visit Customer Service, or contact =
your
nearest sales office.
Copyright =A9 1997 Netscape Communications Corporation
This site powered by Netscape SuiteSpot servers.
