Results 1 to 2 of 2

Thread: Multiple browser timed document.write cross domain policy vulnerability

  1. #1

    Multiple browser timed document.write cross domain policy vulnerability

    http://www.xatrix.org/article3536.html

    Multiple browser timed document.write cross domain policy vulnerability
    It has been reported that under some circumstances it is possible to violate browser
    cross-domain restrictions. This may allow file execution to the attacker.

    Vulnerable:
    Mozilla Browser 1.0 RC2
    Mozilla Browser 1.0 RC1
    Mozilla Browser 1.0
    Mozilla Browser 1.0.1
    Mozilla Browser 1.1
    Mozilla Browser 1.2
    Mozilla Browser 1.2.1
    Mozilla Browser 1.3
    Mozilla Browser 1.3.1
    Netscape Communicator 7.02
    Netscape Communicator 7.01
    Netscape Communicator 7.0
    Netscape Communicator 4.0
    Netscape Communicator 4.5
    Netscape Communicator 4.6
    Netscape Communicator 4.7
    Netscape Communicator 4.51
    Netscape Communicator 4.61
    Netscape Communicator 4.72
    Netscape Communicator 4.73
    Netscape Communicator 4.74
    Netscape Communicator 4.75
    Netscape Communicator 4.76
    Netscape Communicator 4.77
    Netscape Communicator 4.78
    Netscape Communicator 4.79
    Opera Software Opera Web Browser 6.0 win32
    Opera Software Opera Web Browser 6.0
    Opera Software Opera Web Browser 6.0.1 win32
    Opera Software Opera Web Browser 6.0.1 linux
    Opera Software Opera Web Browser 6.0.1
    Opera Software Opera Web Browser 6.0.2 win32
    Opera Software Opera Web Browser 6.0.2 linux
    Opera Software Opera Web Browser 6.0.3 win32
    Opera Software Opera Web Browser 6.0.3 linux
    Opera Software Opera Web Browser 6.0.4 win32
    Opera Software Opera Web Browser 6.0.5 win32
    Opera Software Opera Web Browser 6.10 linux
    Opera Software Opera Web Browser 7.0 win32
    Opera Software Opera Web Browser 7.0 3win32
    Opera Software Opera Web Browser 7.0 2win32
    Opera Software Opera Web Browser 7.0 1win32
    Opera Software Opera Web Browser 7.10
    Opera Software Opera Web Browser 7.11

    Solution:

    NONE

  2. #2
    Member
    Join Date
    Apr 2003
    Posts
    37
    "possible to violate browser cross-domain restrictions"
    Sounds serious .... wonder what it means tho

    Did they really find a security hole, that did not include MS
    I did not do it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •