“This page demonstrates a security exploit in Netscape 4.x that
lets a malicious Web site gain access to files on a user’s hard
drive: JavaScript-in-cookies
security hole demo.”
“We think this may be one of the most powerful Netscape
Communicator exploits *ever* — offhand I can only think of
one Netscape bug ever discovered that was more serious than this
one (discovered in 1997 by a Danish consultant, it also gave a Web
site access to files on a user’s computer). We have already
contacted Netscape to report this problem, and they are working on
a fix.”
“This security hole affects anyone running Netscape Communicator
4.x for Windows with cookies and JavaScript turned on (these are
the default settings in effect for almost all browsers). Netscape
claims an installed client base of over 50 million browsers.”
“The exploit involves setting a cookie on the user’s browser,
such that the *value* of the cookie contains JavaScript code that
can perform priveleged operations. (So this is great for reporters
who like popular buzzwords like “cookie” and “JavaScript”, which
always look sexy in a story about Web browser security holes.)”
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.