TUCoPS :: Browsers :: va1496.htm

Firefox Privacy Broken If Used to Open Web Page File
Firefox Privacy Broken If Used to Open Web Page File
Firefox Privacy Broken If Used to Open Web Page File


Brief from my Twitter:

  The effect is exposing any location, incl your browsing 
history(about:cache etc)   04:54 AM October 05, 2008  from web
    
Workaround: Do not use Firefox to open HTM/HTML - not from RAR package, 
not from remote Windows share folder, not from local, etc. 04:36 AM 
October 05, 2008 from web

Some details from my blog:

* Also works on Firefox 3.0.3
* Also works on Firefox 3.0.2

...

For Firefox, location is wrong when dot URL shortcut is launched by HTML 
elements. Slightly variant from CVE-2008-2810 which is about command 
line and only fixed in that perspective.

...

__________
Complete details and demo are available at 
http://liudieyu0.blog124.fc2.com/blog-entry-6.html

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH