Tuesday, May 09, 2006

Firefox 1.5.0.3 exposes to the world your installation directory location

Firefox devs missed an argument when calling an internal javascript function, which throws an exception that can be read by any remote website using javascript try-catch blocks. A flawed extension can expose other paths such as c:documents and settingsemily_richard. Bug 267645

read more | digg story

No comments: