[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScript exceptions

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScript exceptions
From: milw0rm@xxxxxxxxx
Date: 21 May 2006 13:20:48 -0000

if the exception raises in some extension in the user profile and the page can 
catch path to the user profile and so a remote attacker will know the user login

PoC: https://bugzilla.mozilla.org/attachment.cgi?id=164547

Prev by Date: PHP Easy Galerie Index.PHP Remote File Include Vulnerability
Next by Date: XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit
Previous by thread: PHP Easy Galerie Index.PHP Remote File Include Vulnerability
Next by thread: XOOPS <= 2.0.13.2 'xoopsOption[nocommon]' exploit
Index(es):
- Date
- Thread