Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Fix for Mozilla XMLHttpRequest file disclosure vulnerability
From: Frank Hecker <hecker () mozilla org>
Date: Thu, 02 May 2002 23:58:55 -0400
For those not already aware of this, note that a fix for the XMLHttpRequest file disclosure vulnerability (Bugtraq id 4628) reported by GreyMagic Software has been checked into the Mozilla source tree. The fix is included in new Mozilla 1.0 branch nightly builds dated 2 May 2002 or later available through mozilla.org: 

http://ftp.mozilla.org/pub/mozilla/nightly/latest-1.0.0/
and will be included in the upcoming Mozilla 1.0 release and any further 1.0 Release Candidates distributed through mozilla.org. For more information on the fix please see bug report 141061 in the Mozilla project's public bug database: 

http://bugzilla.mozilla.org/show_bug.cgi?id=141061
On behalf of the Mozilla community we at mozilla.org thank all the people who participated in discovering, reporting, investigating, and fixing this bug.
As a reminder, reports of Mozilla-related security vulnerabilities can be reported via email to security () mozilla org, and will be handled in accordance with the mozilla.org on handling security bugs: 

http://www.mozilla.org/projects/security/security-bugs-policy.html

Frank

--
Frank Hecker
hecker () mozilla org

  By Date           By Thread  

Current thread:
  • Fix for Mozilla XMLHttpRequest file disclosure vulnerability Frank Hecker (May 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]