On Monday 25 April 2005 12:20 pm, Jon Drews wrote: > Hi: > > If I uncheck "Allow web sites to install software" will this prevent > these exploits in Firefox 1.0.2?
no, because only whtelisted sites can install software in the first place. so if you're dumb enough to let www.hackerheaven.com install software, well ... scott > Search plugin cross-site scripting > Severity: Moderate > Reporter: Michael Krax > Products: Firefox, Mozilla Suite > http://www.mozilla.org/security/announce/mfsa2005-38.html > > PLUGINSPAGE privileged javascript execution > Severity: High > Reporter: Omar Khan > Products: Firefox > http://www.mozilla.org/security/announce/mfsa2005-34.html > > TIA > Jon > > _______________________________________________ > CWE-LUG mailing list > http://www.cwelug.org/ > [email protected] > http://lists.firepipe.net/listinfo/cwe-lug -- R. Scott Granneman [EMAIL PROTECTED] ~ www.granneman.com Full list of publications: http://www.granneman.com/publications My new book on Firefox: Don't Click on the Blue E! Info at: http://www.oreilly.com/catalog/bluee/ Read the Open Source Blog: http://opensource.weblogsinc.com Join GranneNotes! Information at www.granneman.com "You have to know how to accept rejection and reject acceptance." ---Ray Bradbury _______________________________________________ CWE-LUG mailing list http://www.cwelug.org/ [email protected] http://lists.firepipe.net/listinfo/cwe-lug
