Re: CERT Advisory CA-97.20 - JavaScript Vulnerability

Dominick Matthias PN OIL 6 (matthias.dominick@PN.SIEMENS.DE)
Thu, 10 Jul 1997 16:54:37 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Razvan Dragomirescu: "Vulnerability in WEBgais"
Previous message: Aleph One: "[linux-security] Re: Re: so-called snprintf() in db-1.85.4"
Maybe in reply to: CERT Advisory: "CERT Advisory CA-97.20 - JavaScript Vulnerability"
Next in thread: Drew Dean: "Re: CERT Advisory CA-97.20 - JavaScript Vulnerability"

Has anyone else already tried out Netscape Navigator 3.02? It claims
that it fix the bug found by the Danish company plus the JavaScript bug
found by Bell labs; PC-world reports that this is the new JavaScript bug
found by Dan Brumleve
(http://www.pcworld.com/cgi-bin/database/body.pl?ID=970709180417). While
the fix of the first bug seems to work I can still reproduce the 2nd
bug by going to the author's page at

http://www.aleph2.com/tracker/

I got my version for (German) Windows 95 at

ftp://ftp.netscape.com/pub/navigator/3.02/shipping/english/windows/wind
ows95_or_nt/navigator_complete/
n32e302p.exe [Jul 07 20:21] 5835k

Confused...
-- Matthias

Next message: Razvan Dragomirescu: "Vulnerability in WEBgais"
Previous message: Aleph One: "[linux-security] Re: Re: so-called snprintf() in db-1.85.4"
Maybe in reply to: CERT Advisory: "CERT Advisory CA-97.20 - JavaScript Vulnerability"
Next in thread: Drew Dean: "Re: CERT Advisory CA-97.20 - JavaScript Vulnerability"