On Mon, 13 Aug 2007 22:13:08 -0700, Joseph Hick wrote:
Is it causing any of these...
1.) Loss of confidentiality
2.) Loss of integrity
3.) Loss of availability
Very OSVDBish. =)
___
Full-Disclosure - We believe in it.
Charter:
On Sun, 12 Aug 2007, carl hardwick wrote:
Firefox Remote Variable Leakage
I'm afraid don't entirely follow this attack - though I might be wrong...
The PoC, in essence, enumerates all Javascript variables and functions
that are publicly declared by the browser in the context of the current
Any sensitive data being leaked? A browser giving away
its properties to a script should not be termed
vulnerability.
Is it causing any of these...
1.) Loss of confidentiality
2.) Loss of integrity
3.) Loss of availability
--- carl hardwick [EMAIL PROTECTED] wrote:
Firefox Remote Variable
Firefox Remote Variable Leakage
It is possible to read all variables that are set inside Firefox.
That's right: ALL variables and registered objects that are present
inside Javascript files and on runtime. It's even possible to call
certain functions. That ranges from local Mozilla config files