NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Full-Disclosure> 2004-05

Re: [Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability

From: Christian Horchert (chorchertveedev.de)
Date: Sun May 16 2004 - 21:56:52 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am 13.05.2004 um 17:16 schrieb Richard Johnson:
> Opera Telnet URI Handler File Creation/Truncation Vulnerability
>
> iDEFENSE Security Advisory 05.12.04
> www.idefense.com/application/poi/display?id=104&type=vulnerabilities
> May 12, 2004

This vulnerability exists under OSX with Safari, Firefox, OmniWeb,
IE, iCab, and TrailBlazer, too.

I also recognized, that Firefox "supports" telnet URIs as img and
script source (beside meta-tags, iframe etc.).

Christian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]