Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

看板Bugtraq作者lcamtuf.時間19年前 (2007/02/16 04:23)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串3/7 (看更多)

On Thu, 15 Feb 2007, pdp (architect) wrote: > I wander whether we can execute code on about:config or about:cache. Actually, there are several odd problems related to location updates and location.hostname specifically, including one scenario that apparently makes the script run with document.location in about: namespace. I did not research them any further, so I can't say if they're exploitable - but you can see a demo here, feel free to poke around: http://lcamtuf.coredump.cx/fftests.html Cheers, /mz http://lcamtuf.coredump.cx/

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 lcamtuf. 的文章

文章代碼(AID): #15rC4t00 (Bugtraq)

討論串 (同標題文章)

完整討論串 (本文為第 3 之 7 篇)：

排序：最新先 | 最舊先 | 留言數

Re: [Full-disclosure] Firefox: serious cookie stealing / same-do Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

19年前, 02/23

Re: [Full-disclosure] Firefox: serious cookie stealing / same-do Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

19年前, 02/17

Re: [Full-disclosure] Firefox: serious cookie stealing / same-do Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

19年前, 02/16

Re: [Full-disclosure] Firefox: serious cookie stealing / same-do Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

19年前, 02/16

Re: [Full-disclosure] Firefox: serious cookie stealing / same-do Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

19年前, 02/16

Re: [Full-disclosure] Firefox: serious cookie stealing / same-do Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

19年前, 02/16

Re: [Full-disclosure] Firefox: serious cookie stealing / same-do Re: [Full-disclosure] Firefox: serious cookie stealing / same-do

19年前, 02/16

在新視窗開啟完整討論串 (共7篇)

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 lcamtuf. 的文章

文章代碼(AID): #15rC4t00 (Bugtraq)