Linked by Thom Holwerda on Tue 27th Feb 2007 16:40 UTC, submitted by flanque
Privacy, Security, Encryption Internet Explorer 7 and Firefox 2.0 share a logic flaw. The issue is actually more severe, as the two versions of the Microsoft and Mozilla browsers are not the only ones affected. In this regard, the vulnerability impacts Internet Explorer 5.01, Internet Explorer 6 and Internet Explorer 7 but also Firefox Microsoft has stressed the fact that IE7 on Windows Vista is not affected in any manner.
Thread beginning with comment 217413
To read all comments associated with this story, please click here.
by moltonel on Wed 28th Feb 2007 23:10 UTC
Member since:

By default, Konqueror asks the user for confirmation when sending a local file. Simple and effective, whatever tricks the webpage may use to set the input to a malicious value.

Reply Score: 2

RE: Konqueror
by umccullough on Thu 1st Mar 2007 03:22 in reply to "Konqueror"
umccullough Member since:

Konqueror asks the user for confirmation when sending a local file

And I would hope this is exactly what will be done with Firefox. That feature along with whitelisting support should be sufficient, and I mean jeez - how often do people upload to a website. Usually one uses just a few such sites regularly (email, photo sharing...)

Not sure about IE, Microsoft has a habit of doing stupid things to "fix" exploits.

Reply Parent Score: 2