More Chrome Directory Traversing.

January 31st, 2008  | Tags: , , , ,

Mozilla marked Bug ID 413250 as ‘RESOLVED FIXED’ on Tuesday. I got a chance to check out the fix today, and found that the fix is inadequate in stopping the attack. Here’s another demo that reads your session store, and like before, uses the Download Statusbar extension.

steal_sessionstore2.html.

Share and Enjoy:
  • Facebook
  • Digg
  • del.icio.us
  • StumbleUpon
  • LinkedIn
  • Google
  • Reddit
  • Slashdot
  • Technorati
  • TwitThis
  • Pownce
  • E-mail this story to a friend!
  • Print this article!
  • Ma.gnolia
Leave a comment | Trackback
« NotchUp.com Keys… »

1 trackbacks/pingbacks

TOP