On 18 Jul 2001 23:48:57, [EMAIL PROTECTED] (Kevin D. Clark) wrote:
>
> > Also, I assume that a hidden javascript in a cookie attack is somehow
> > based on "trusted zones" for a browser (e.g. "local" html is trusted to
> > run programs, etc). I believe IE has these... does Netscape on Unix?
>
> IIRC, for Java, *yes*, Netscape on Unix trusted local HTML.
Do you mean something other than the cert advisory on "BrownOrifice":
CA-2000-15 Netscape Allows Java Applets to Read Protected Resources
http://www.cert.org/advisories/CA-2000-15.html
that was a bug in Netscape's implemenation of java?
If so, do you recall roughly how it goes?
Thanks,
Karl
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
