Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Netspace Singapore Privacy Bug

From: aleph1 () DFW NET (Aleph One)
Date: Sat, 26 Jul 1997 19:31:52 -0500

                            [Netscape Security]

                               SECURITY UPDATE

                          THE SINGAPORE PRIVACY BUG

                                July 25, 1997

----------------------------------------------------------------------------

The Singapore Privacy Bug that affects Netscape Communicator has been
identified and fixed. The fix is being tested and will be included in the
next release of Netscape Communicator, which is expected to be available in
the next few weeks. Netscape Navigator 2.x and 3.x are unaffected by this
bug.

The Singapore Privacy Bug allows a hacker to observe a user's activity on
the Web. It allows a hacker web site to exploit LiveConnect to observe which
URLs a user visits, the data a user enters into HTML forms (including
passwords), and data placed into a user's cookie file. The bug does not
allow a malicious web site operator to see, erase, or steal data from a
user's hard disk.

LiveConnect is a technology that enables communication between JavaScript
and Java applets in a page.

Netscape will keep customers informed through updates on the Security
Solutions page.

----------------------------------------------------------------------------

                              [Navigation bar]

   Corporate Sales: 415/937-2555; Personal Sales: 415/937-3777; Government
                             Sales: 415/937-3678
  If you have any questions, please visit Customer Service, or contact your
                            nearest sales office.

            Copyright © 1997 Netscape Communications Corporation

              This site powered by Netscape SuiteSpot servers.
Previous By Date Next
Previous By Thread Next

Current thread: