Full Disclosure mailing list archives

Re: iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability

From: Christian Horchert <chorchert () veedev de>
Date: Mon, 17 May 2004 04:56:52 +0200

Am 13.05.2004 um 17:16 schrieb Richard Johnson:

Opera Telnet URI Handler File Creation/Truncation Vulnerability

iDEFENSE Security Advisory 05.12.04
www.idefense.com/application/poi/display?id=104&type=vulnerabilities
May 12, 2004


This vulnerability exists under OSX with Safari, Firefox, OmniWeb,
IE, iCab, and TrailBlazer, too.

I also recognized, that Firefox "supports" telnet URIs as img and
script source (beside meta-tags, iframe etc.).


  Christian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability idlabs-advisories (May 13)
- Re: iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability Jakob Balle (May 13)
- Re: iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability Ted Unangst (May 13)
- <Possible follow-ups>
- iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability Richard Johnson (May 13)
  - Re: iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability Christian Horchert (May 16)