[8285] in bugtraq
Re: buffer overflow vulnerability in netscape 3.0 to 4.5
daemon@ATHENA.MIT.EDU (Michael Tomaino)
Sat Oct 24 00:57:13 1998
Date: Fri, 23 Oct 1998 18:06:46 -0700
Reply-To: Michael Tomaino <tomaino@UNIXG.UBC.CA>
From: Michael Tomaino <tomaino@UNIXG.UBC.CA>
To: BUGTRAQ@NETSPACE.ORG
Paul Boehm wrote:
>
> On Fri, Oct 23, 1998 at 07:31:30PM +0200, I wrote:
> > Netscape is working on a patch.
>
> oh, and I almost forgot (in fact, i did):
> Netscape posted a workaround to their webpage that protects you against
> this specific overflow, but also prevents existing plugins from working.
Just to follow this up.. (I'm sure you all can probably read this
yourselves)
To quote more of the page :
"Setting this prompt will not impair your ability to view pages with
other plug-ins you already have installed and you will retain the
ability to manually download and install new plug-ins as you need them.
"
So there actually is no downside..
Mike.
