[6490] in bugtraq
Communicator exploits
daemon@ATHENA.MIT.EDU (Fernand Portela)
Fri Apr 10 15:14:44 1998
Date: Fri, 10 Apr 1998 14:06:08 +0200
Reply-To: Fernand Portela <fernand.portela@IBM.NET>
From: Fernand Portela <fernand.portela@IBM.NET>
To: BUGTRAQ@NETSPACE.ORG
This is a multi-part message in MIME format.
--------------C3265FC716C909831247B1CC
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hi,
A few weeks ago, I've posted in this mailing-list an advisory about
issues in Netscape Communicator. Since a fixed release (4.05) is now
available to users, I think I can publish the exploits themselves.
If you received this mail in Communicator 4.04 or previous (NN2.x and
3.x are not vulnerable), simply click the links in the attached HTML
document for a demonstration of the bugs.
_______________________________________________________________________
Fernand PORTELA aka Nando
fernand.portela@ibm.net nando@mygale.org
http://www.mygale.org/~nando
--------------C3265FC716C909831247B1CC
Content-Type: text/html; charset=us-ascii; name="attacks.html"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="attacks.html"
<html>
<head>
<script><!--
function load_page() {
w = window.open( '', 'prefs' );
w.origin = window.document.URL;
}
//--></script>
</head>
<body>
<p>Click <a href="http://www.mygale.org/~nando/prefs3/" target="prefs" onClick="load_page()">here</a>
for a demonstration of the first exploit.
<p>Click <a href="http://www.mygale.org/~nando/prefs4/" target="prefs" onClick="load_page()">here</a>
for a demonstration of the second exploit.
</body>
</html>
--------------C3265FC716C909831247B1CC--
