[Full-disclosure] Firefox/MSIE focus stealing vulnerability - clarification
Marcello Barnaba
marcello at softmedia.info
Tue Feb 13 05:04:09 GMT 2007
Hi,
On Tuesday 13 February 2007 05:44, Tyop? wrote:
> > > http://lcamtuf.coredump.cx/focusbug/index.html
> > Without JavaScript on, this doesn't work. See http://noscript.net/
> Without a browser too, this doesn't work. See
> http://netcat.sourceforge.net/
DONT TRY THIS AT HOME.
I started to mentally evaluate the lcamtuf code and had half myself injected
and uploaded on Zalewski's host. I am writing this in an hope that he can
send back a pcap dump or I could not be able to regain human form.
You have been warned.
--
pub 1024D/8D2787EF 723C 7CA3 3C19 2ACE 6E20 9CC1 9956 EB3C 8D27 87EF
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20070213/4e6a71d0/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.