Bugtraq mailing list archives

RE: Two Vulnerabilities in Mozilla may lead to remote compromise

From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Wed, 14 Jul 2004 01:50:06 +0200 (MET DST)

On Tue, 13 Jul 2004, Jelmer wrote:

I was under the impression that mozilla firefox disallowed access to local
files (not sure about mozilla but I assume it's the same)

When I link to a local file from the internet, I get a
Security Error: Content at http:///.... May not load or link to 
File:/// ...


This behaviour depends on security.checkloaduri. True, the default value,
disallows links from http: et al to file:

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

Current thread:

Two Vulnerabilities in Mozilla may lead to remote compromise Mind Warper (Jul 13)
- Re: Two Vulnerabilities in Mozilla may lead to remote compromise Daniel Veditz (Jul 13)
- RE: Two Vulnerabilities in Mozilla may lead to remote compromise Jelmer (Jul 13)
  - RE: Two Vulnerabilities in Mozilla may lead to remote compromise Pavel Kankovsky (Jul 15)
- RE: Two Vulnerabilities in Mozilla may lead to remote compromise Darren Pilgrim (Jul 13)
- <Possible follow-ups>
- Re: Two Vulnerabilities in Mozilla may lead to remote compromise Philliph (Jul 13)
- Re: Two Vulnerabilities in Mozilla may lead to remote compromise Mind Warper (Jul 13)