[Herts] New vulnerability affects all (most) browsers

Mr. Spock spock at canopus22.demon.co.uk
Thu Dec 9 19:36:02 GMT 2004


New Vulnerability Affects All Browsers
http://it.slashdot.org/article.pl?sid=04/12/09/0053205&tid=172&tid=95&tid=8

Wow, this thing really works! 0wn3d.

I'm using Firefox 0.9.3 on Debian Sarge, with Popup Blocking enabled
(and left clicking the first link on the Secunia page).

It is actually a Javascript issue, so AnyBrowser(TM) with Javascript
enabled should fall for it IIUC.

Some people have reported that it doesn't work on Safari, but
many folk are confused by the instructions (this is /. after all) -
perhaps they had Javascript disabled.

Workarounds are discussed at Mozilla News:
http://mozillanews.org/?article_date=2004-12-08+06-48-46

Lynx seems safe though, it reports this error :-)

  Alert!: Unsupported URL scheme!


Cheers to Nicolas for putting up the pic of the meeting.
It's a good job we had adequate desking for the laptops:

Laptops May Be Hazardous to Your Fertility
http://science.slashdot.org/article.pl?sid=04/12/09/1321211&tid=184&tid=14

Bye!
-- 
Malc 
http://www.canopus22.demon.co.uk/



More information about the Herts mailing list