firefox-1.0.4-4 CSS history exploit?
Per Arne Nilssen
systemansvarlig at vagaungdomsskule.no
Fri Jun 3 07:39:50 UTC 2005
Marcus Hartig skrev:
> Per Arne Nilssen wrote:
>
>> This is not a script that can read your browser history.
>
>
> Hmm? The javascript code embedded is writing the results...
>
> I've never visited this side before and it wrote first 1 hit for
> dell.com, where I really was yesterday. ?
>
> regards,
> Marcus
>
You're right Marcus. It reads your browser history. But not www.icq.com
Cleared my browser cache and history. Visited gemal.dk and all was No or
unable....
Visited then www.dell.com, www.icq.com and www.slashdot.com. (I did not
have gemal.dk open when I visited the sites.) Result
www.dell.com YES.....
www.icq.com NO....
www.slashdot.com YES....
So there must be something here.
Sorry, Marcus
regards
Per Arne
More information about the fedora-test-list
mailing list