Closed
Bug 289134
Opened 20 years ago
Closed 20 years ago
arbitrary exposure of process space memory to javascript code.
Categories
(SeaMonkey :: Security, defect)
Tracking
(Not tracked)
VERIFIED
DUPLICATE
of bug 288688
People
(Reporter: kennedyh, Assigned: dveditz)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.6) Gecko/20050319
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.6) Gecko/20050319
as detailed at the above advisory url, javascript in mozilla is able to extract
previous contents of memory within the process space.
Reproducible: Always
Steps to Reproduce:
1. go to the above url with javacript enabled
2. click on the "Test Now - Left Click On This Link" link
3. observe some of the contents of your process space.
Actual Results:
i observed a number of font/url/text items from previous browsing activities.
Expected Results:
shown a text box full of "X"s
This the observed behavior in IE.
|
||
Comment 1•20 years ago
|
||
The secunia report actually contained the bug number in bugzilla.
*** This bug has been marked as a duplicate of 288688 ***
Status: NEW → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
|
Reporter | |
Comment 2•20 years ago
|
||
excellent! none of the searches i did from the bugzilla page
for "lambda" or "SA14821" turn up any results, and there is no mention of a vendor
contact on the secunia page.
good to see it's fixed already :-)
|
Assignee | |
Updated•20 years ago
|
Group: security
|
||
Updated•20 years ago
|
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•