[9735] in bugtraq
Re: Netscape Communicator window spoofing bug
daemon@ATHENA.MIT.EDU (Kirrily 'Skud' Robert)
Mon Feb 22 16:51:47 1999
X-Complaints-To: usenet@hiro.netizen.com.au
Date: Sun, 21 Feb 1999 13:26:20 GMT
Reply-To: "Kirrily 'Skud' Robert" <skud+usenet@NETIZEN.COM.AU>
From: "Kirrily 'Skud' Robert" <skud+usenet@NETIZEN.COM.AU>
To: BUGTRAQ@NETSPACE.ORG
Frames or not, this bug was discussed in some detail in the O'Reilly
book _Web Security and Commerce_ by Garfinkel and Spafford. Since its
original publication date is June 1997, I think we can assume that this
bug has been known for almost two years.
I heartily recommend this book to anyone interested in browser security
issues, especially those related to java, javascript, and other such
client-side programming.
Ref: http://www.oreilly.com/catalog/websec/
K.
--
Kirrily 'Skud' Robert - http://netizen.com.au/
Documentation is the castor oil of programming. Managers know it must
be good because the programmers hate it so much.
