lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060521132048.22639.qmail@securityfocus.com> Date: 21 May 2006 13:20:48 -0000 From: milw0rm@...il.com To: bugtraq@...urityfocus.com Subject: Firefox 1.5.0.3 Flaw - Page can obtain path to Mozilla installation or profile by examining JavaScript exceptions if the exception raises in some extension in the user profile and the page can catch path to the user profile and so a remote attacker will know the user login PoC: https://bugzilla.mozilla.org/attachment.cgi?id=164547