Alakazam
02-01-2002, 03:33 PM
A security flaw in Netscape Communications' Navigator Web browser can let malicious Web site operators view the information stored in cookies on a user's computer, according to a security note published on Netscape's Web site. The vulnerability affects Navigator versions 6 through 6.2, as well as version 0.9.6 and earlier versions of Mozilla, the open-source version of Navigator, according to an analysis written by Marc Slemko, who discovered the bug.
The bug, Slemko says in his analysis, can be exploited by causing users to visit a Web address inserted into HTML (Hypertext Markup Language) code on a Web page or in an HTML-formatted e-mail. If the user were to view the malicious Web site, cookies could be stolen off the user's computer, Slemko says.
Slemko's analysis of the vulnerability can be found here (http://alive.znep.com/~marcs/security/mozillacookie/)
Well all we have to do is keep up those security updates and you should be fine. Does not seem like a big deal, more of a precaution. Anyway if you are a Netscape user, UPDATE!
The bug, Slemko says in his analysis, can be exploited by causing users to visit a Web address inserted into HTML (Hypertext Markup Language) code on a Web page or in an HTML-formatted e-mail. If the user were to view the malicious Web site, cookies could be stolen off the user's computer, Slemko says.
Slemko's analysis of the vulnerability can be found here (http://alive.znep.com/~marcs/security/mozillacookie/)
Well all we have to do is keep up those security updates and you should be fine. Does not seem like a big deal, more of a precaution. Anyway if you are a Netscape user, UPDATE!