Netscape Communicator Bug

Aleph One (aleph1@DFW.NET)
Fri, 01 Aug 1997 12:44:11 -0500

http://www.iti.gov.sg/iti_people/iti_staff/kcchiang/bug/

Netscape Communicator Bug demonstration

This bug affects Netscape Communicator (even version 4.01a) with Java
and JavaScript enabled. I've tested it on Windows 95/NT and Linux.

This bug lets a malicious site achieve the same effects as the recently
reported JavaScript bug. However, the mechanism to achieve the effect is
different. Unlike the reported JavaScript bug, this exploit doesn't spawn
off a separate window, and is thus more "invisible" to the user.

After leaving this page, any web site that you subsequently visit will
be captured by this web server. The information you enter into forms
will be captured too, but this will sometimes not work (I've no idea
why). To view the information captured on you, simply visit
http://www.iti.gov.sg/cgi-bin/track.cgi when you're done going to other
sites.

You may want to turn off Java/JavaScript until Netscape resolves this
bug.

Update

Netscape has confirmed the bug, and has a fix for it. I don't know
when the new release will be available (check out their web site).

ZDnet has a report on this bug. You may want to check out their site:
http://www5.zdnet.com/zdnn/content/zdnn/0725/zdnn0005.html

Kuo Chiang (kcchiang@iti.gov.sg)
Assoc Member of Technical Staff,
Information Technology Institute (Singapore).

Last modified: Thu Jul 24 16:37:16 SGT 1997