---

PC Week: Vulnerability discovered in Netscape Navigator

“A newly discovered vulnerability in Netscape Navigator 4.x
could allow a Webmaster to view a user’s bookmark or cache
file.”

“And Microsoft Corp.’s Internet Explorer may have a similar
weakness, according to several reports.”

“The trick uses cookies to run JavaScript on a user’s computer.
A Webmaster could redirect the user to a page using frames, with
one frame pointing to the cookie file and another pointing to the
page the Webmaster wishes to read.”

The exploit allows malicious site operators to bypass
security protocols that prohibit them from reading that
file.

Complete
Story