Re: Netscape Exploit SOLVED

John Robert LoVerso (loverso@OPENGROUP.ORG)
Fri, 20 Jun 1997 10:33:21 -0400

Yes, Paul's approach only worked when the exploit files were accessed via
"file:".

> The next problem would be, how can we make the client side reload this
> page automatically? There would be several ways to accomplish. It will
> work with JavaScript, but it 'might' also work if the document expiry
> date is specified.

Creating a working exploit that can be remotely loaded isn't difficult.
I sent Paul one on Monday and he called me about his version yesterday.
He is considering releasing it here.

John