Mozilla Privacy Bug
Saturday September 14th, 2002
Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the
The bug was filed in Bugzilla as bug 145579 on Sunday 19th May, with the more serious
UPDATE! Bug 145579 has now been made public.
ANOTHER UPDATE! A fix has been checked in to the trunk. A patch for the 1.0 branch will follow shortly.
YET ANOTHER UPDATE! A patch has now been checked in to the 1.0 branch.
#46 Re: Re: Re: Re: Bad policy strikes again
Tuesday September 17th, 2002 11:48 AM
You are replying to this message
There public should be informed of the problem as soon as possible. Just don't post the exploit until after the fix is made available. In this case users could have been told that in some cases a web site is notified when you leave it about what site you are going to, and that the original web site requires (not strictly true) malicious code to do this. A link to the bug would then give full details once it is made public.