From: Avi Mozes (amozes hotmail.com)
Date: Thu Jan 10 2002 - 15:59:50 CST
I found out that Netscape doesn't have security when
it comes to accessing sites from domain to domain.
This seems to work in 4.7x -- I have not tried it out yet
in Netscape 6. What this hole allows you to do is run
any Javascript (and VBScript) functions on any site
as well as change values of global variables. This
allows you to run functions that you shouldn't run or
set variables to values that could damage or allow
you to access information.
The way it's done: have a page open (with a simple
window.open command using a window handle) any
site.
To run a function, run on the parent page:
winhandle.function(param);
To change any variable:
winhandle.var = value;
One exploit is with cookies where you are able to get
and set cookies if the site has cookie functions. This
will make it able for you to set cookies from that
domain. If a site relies on Javascript or cookies for
some point of their security system, this could be
even more damaging. And lastly, it can grab user
information if a user uses a page with this exploit and
continues to another domain opened by the page.
Let me know your ideas on this.
Avi
amozes hotmail.com
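
An added example, not part of the original post: a JavaScript model of the same-origin check that is expected to sit between a window handle and the opened page's functions and variables, the check the message reports as missing. The URLs, the `loggedIn` variable and all function names are constructed for illustration.

```javascript
// Model of the same-origin check a browser is expected to apply before one
// window's script touches another window's globals through a handle.
// All URLs and variable names below are constructed sample values.

const DEFAULT_PORTS = { 'http:': '80', 'https:': '443' };

// Reduce a URL to the (scheme, host, port) triple that defines its origin.
function originOf(url) {
  const u = new URL(url);
  const port = u.port || DEFAULT_PORTS[u.protocol] || '';
  return `${u.protocol}//${u.hostname.toLowerCase()}:${port}`;
}

function sameOrigin(a, b) {
  return originOf(a) === originOf(b);
}

// Wrap a window-like object so that every read, write or call made through
// the handle is checked against the caller's origin first.
function guardedHandle(callerUrl, target) {
  const check = (op, name) => {
    if (!sameOrigin(callerUrl, target.url)) {
      throw new Error(`blocked cross-origin ${op} of "${String(name)}"`);
    }
  };
  return new Proxy(target.globals, {
    get(g, name) { check('read', name); return g[name]; },
    set(g, name, value) { check('write', name); g[name] = value; return true; },
  });
}

// Returns 'allowed' or the denial message for an attempted variable write.
function tryWrite(callerUrl, target, name, value) {
  try {
    guardedHandle(callerUrl, target)[name] = value;
    return 'allowed';
  } catch (e) {
    return e.message;
  }
}

// Constructed sample: a page whose script keeps state in a global variable.
function sampleTarget() {
  return { url: 'http://shop.example/cart', globals: { loggedIn: false } };
}
```
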