General :
K-Meleon Web Browser Forum
http://zdnet.com.com/2100-1104-896099.html
With this bug also effect K-Meleon?
the problem affects XMLHttpRequest, which allows Web pages in the browser to send and receive XML data via HTTP, the standard Web transfer protocol. XML is an Internet language for describing just about any sort of data.
XMLHttpRequest doesn't properly check the security settings for some types of data requests in a Web page, allowing them, if properly disguised, to request data from the user's hard drive.
Will this bug also effect K-meleon?
not With
i dunno... i couldn't get the proof-of-concept test to work, for whatever that's worth.
but i have all the capability stuff pretty stripped down.
It should not affect K-M 0.7, because K-M will be based on the latest code from Mozilla, and the Mozilla security team fixed this bug in less than 24 hours once it was reported to them.
Here's the link to the corresponding Bugzilla page: http://bugzilla.mozilla.org/show_bug.cgi?id=141061
K-M crashes on this bug so in a way it's not exploitable
afaik that bug was introduces in Mozilla 0.9.7. And K-Meleon uses a quite older source than that
General discussion about K-Meleon
Netscape flaw exposes hard drives
Posted by:
snick
Date: May 01, 2002 09:36PM
http://zdnet.com.com/2100-1104-896099.html
With this bug also effect K-Meleon?
the problem affects XMLHttpRequest, which allows Web pages in the browser to send and receive XML data via HTTP, the standard Web transfer protocol. XML is an Internet language for describing just about any sort of data.
XMLHttpRequest doesn't properly check the security settings for some types of data requests in a Web page, allowing them, if properly disguised, to request data from the user's hard drive.
Re: Netscape flaw exposes hard drives
Posted by:
snick
Date: May 01, 2002 09:48PM
Will this bug also effect K-meleon?
not With
Re: Netscape flaw exposes hard drives
Posted by:
po
Date: May 01, 2002 11:12PM
i dunno... i couldn't get the proof-of-concept test to work, for whatever that's worth.
but i have all the capability stuff pretty stripped down.
Re: Netscape flaw exposes hard drives
Posted by:
Zeiram
Date: May 02, 2002 07:16AM
It should not affect K-M 0.7, because K-M will be based on the latest code from Mozilla, and the Mozilla security team fixed this bug in less than 24 hours once it was reported to them.
Here's the link to the corresponding Bugzilla page: http://bugzilla.mozilla.org/show_bug.cgi?id=141061
Re: Netscape flaw exposes hard drives
Posted by:
sven
Date: May 02, 2002 11:00AM
K-M crashes on this bug so in a way it's not exploitable
Re: Netscape flaw exposes hard drives
Posted by:
Kidman
Date: May 02, 2002 07:59PM
afaik that bug was introduces in Mozilla 0.9.7. And K-Meleon uses a quite older source than that
English