<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Full Disclosure: Re: Google / GMail bug, all accounts vulnerable

Re: Google / GMail bug, all accounts vulnerable

From: Nick FitzGerald <nick_at_virus-l.demon.co.uk>
Date: Wed, 12 Dec 2007 16:46:36 +1300

Kristian Erik Hermansen wrote:

> > ... even if handled quite differently between browser types/versions.
>
> Bingo to coderman, the only security dude here who gets it. You would
> be surprised the number of ridiculous personal emails I got regarding
> this issue. Crowd SuRFing is here to stay...

So does the simple expedient of setting browser.chrome.favicons to
false "fix" this for FF users?

Does it work in IE7's tabbed browsing?

Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Received on Dec 11 2007

This message: [ Message body ]
Next message: Tom Yu: "Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]"
Previous message: coderman: "Re: Google / GMail bug, all accounts vulnerable"
In reply to: Kristian Erik Hermansen: "Re: Google / GMail bug, all accounts vulnerable"
Next in thread: coderman: "Re: Google / GMail bug, all accounts vulnerable"
Reply: coderman: "Re: Google / GMail bug, all accounts vulnerable"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]