BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Mozilla protocol abuse Jul 25 2007 06:48PM
Thor Larholm (seclists larholm com)
The Mozilla application platform currently has an unpatched input
validation flaw which allows you to specify arbitrary command line
arguments to any registered URL protocol handler process. Jesper
Johansson already detailed parts of this on his blog on July 20,
http://msinfluentials.com/blogs/j...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus