Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Mozilla

Submission + - serious flaw in Firefox 2.0 and Opera 9.1

crazylittlebear writes: "Firefox 2.0 and Opera 9.1 have serious bug, which allows to read disc data (e.g. directory listing, contents of text files) from any computer. If you download HTML file do disc and open it from your computer, with JavaScript turned on, your disc can be scanned by someone else. As described on http://bragoszewski.com/?page_id=36, the flaw is not present in Internet Explorer 6 or 7. It is not only possible to send a file o directory listing from computer. The exploit or backdoor that uses this bug is extremely easy to write. With more complicated code an attacker can establish a full connection to a computer and can browse victim's disc nearly as easy as with local file manager..."

We can found no scientific discipline, nor a healthy profession on the technical mistakes of the Department of Defense and IBM. -- Edsger Dijkstra

Working...