Re: An IE Browser is EVEN exploitible on DSL Repor

Forums » How's your browsing security? » An IE Browser is EVEN exploitible on DSL Reports


Share Topic:	RSS topic:	toggle: flat / full normal / watch	Post a:	Post a:

Most people... »
« Am i safe, probably not.

nil Java Geek join:2000-11-27 Host: Webmasters and Dev.. Forum Feature Requ..	Re: An IE Browser is EVEN exploitible on DSL Repor Well.. it really doesn't.. As I explained in that thread.. dslr security is based on more than just the cookie so ability to execute arbitrary javascript isn't exactly a huge security hole. -- Life is too short to be boring [text was edited by author 2003-07-26 13:39:47]
	permalink · 2003-07-26 13:38:50 ·

Sarick It's Only Logical Premium join:2003-06-03 USA ·FrontierNet Intern..	Re: An IE Browser is EVEN exploitible on DSL Repor said by nil : Well.. it really doesn't.. As I explained in that thread.. dslr security is based on more than just the cookie so ability to execute arbitrary javascript isn't exactly a huge security hole. No recheck the topic. A lot of new stuff got added.
	permalink · 2003-07-26 14:22:20 ·

nil Java Geek join:2000-11-27 Host: Webmasters and Dev.. Forum Feature Requ..	Re: An IE Browser is EVEN exploitible on DSL Repor JavaScript is client side.. hence all the various little tricks you can do with it only work for the person viewing the site.. so yes.. someone could insert an iframe that will display contents of /prof.. but guess whose you will view? Your own.. and you can't view someone elses.. -- Life is too short to be boring
	permalink · 2003-07-26 14:25:45 ·

Sarick
It's Only Logical
Premium
join:2003-06-03
USA

·FrontierNet Intern..

Re: An IE Browser is EVEN exploitible on DSL Repor

I would love to see both parties that debute over this some more.

One person says it's exploitible the other says it's not.

My problem is I can't argue with anyone I don't program Java Script.

A couple of people tend to think it's still open for debate.

I do miss your insite. After all it's my understanding that your head of this sites web design or have a lot of say on it's design and or performance.

Like I said before I try to lock down my system as much as possible. Having an exploit install something is rare but I don't want to deal with to much paranoid issues that could cause brain damage.

Most of the exploits IE has are because it's so inter twind with the OS. I bet there are still many hacks not found in the wild in IE.

permalink · 2003-07-26 14:36:38 · Print ·

nil Java Geek join:2000-11-27	Re: An IE Browser is EVEN exploitible on DSL Repor Okay, sure, why not.. There's one way to about it.. See my new post in the other thread. -- Life is too short to be boring
	permalink · 2003-07-26 14:40:06 ·

Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH

Re: An IE Browser is EVEN exploitible on DSL Repor

I'm VERY busy this weekend, and as I noted in the thread, I've not used Javascript for much other than form validation and simply redirection of the browser... but when I get time, I'll work on a 'proof of concept' post in the forum you linked, NIL.

And btw, thank you for taking time out for this.. I, too, am very interested in the outcome since I run my own custom forum system myself; I thought I had taken care of a lot of malicious possible uses before... but we'll see

Perhaps someone will get to a 'proof of concept' before I do.. we'll just see.

permalink · 2003-07-26 15:25:34 · Print ·

your comment..

Forums » How's your browsing security?

Most people... »
« Am i safe, probably not.


Friday, 27-Nov 17:04:15	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com.republican-creole page compression OFF