Netspace Singapore Privacy Bug

Aleph One (aleph1@DFW.NET)
Sat, 26 Jul 1997 19:31:52 -0500

[Netscape Security]

SECURITY UPDATE

THE SINGAPORE PRIVACY BUG

July 25, 1997

----------------------------------------------------------------------------

The Singapore Privacy Bug that affects Netscape Communicator has been
identified and fixed. The fix is being tested and will be included in the
next release of Netscape Communicator, which is expected to be available in
the next few weeks. Netscape Navigator 2.x and 3.x are unaffected by this
bug.

The Singapore Privacy Bug allows a hacker to observe a user's activity on
the Web. It allows a hacker web site to exploit LiveConnect to observe which
URLs a user visits, the data a user enters into HTML forms (including
passwords), and data placed into a user's cookie file. The bug does not
allow a malicious web site operator to see, erase, or steal data from a
user's hard disk.

LiveConnect is a technology that enables communication between JavaScript
and Java applets in a page.

Netscape will keep customers informed through updates on the Security
Solutions page.

----------------------------------------------------------------------------

[Navigation bar]

Corporate Sales: 415/937-2555; Personal Sales: 415/937-3777; Government
Sales: 415/937-3678
If you have any questions, please visit Customer Service, or contact your
nearest sales office.

Copyright © 1997 Netscape Communications Corporation

This site powered by Netscape SuiteSpot servers.