Re: Netscape Communicator window spoofing bug

From: Kirrily 'Skud' Robert (skud+usenetat_private)
Date: Sun Feb 21 1999 - 05:26:20 PST

Next message: Matt Hargett: "Re: NT DoS on FW-1"

Previous message: Mark Boolootian: "Process table attack (from RISKS Digest)"
Maybe in reply to: Georgi Guninski: "Netscape Communicator window spoofing bug"
Next in thread: Robert Thomas: "Re: Netscape Communicator window spoofing bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Frames or not, this bug was discussed in some detail in the O'Reilly
book _Web Security and Commerce_ by Garfinkel and Spafford.  Since its
original publication date is June 1997, I think we can assume that this
bug has been known for almost two years.

I heartily recommend this book to anyone interested in browser security
issues, especially those related to java, javascript, and other such
client-side programming.

Ref: http://www.oreilly.com/catalog/websec/

K.

--
Kirrily 'Skud' Robert - http://netizen.com.au/
Documentation is the castor oil of programming.  Managers know it must
be good because the programmers hate it so much.

Next message: Matt Hargett: "Re: NT DoS on FW-1"
Previous message: Mark Boolootian: "Process table attack (from RISKS Digest)"
Maybe in reply to: Georgi Guninski: "Netscape Communicator window spoofing bug"
Next in thread: Robert Thomas: "Re: Netscape Communicator window spoofing bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:36:42 PDT