Firefox/Mozilla exploit semi-permanenet fix
Tim Wunder
tim
Wed Feb 9 09:58:54 PST 2005
There's an exploit to current versions of Firefox/Mozilla (and
Safari/Konqueror) pertaining to the International Domain Name specification
that affects all non-ie browsers (ie doesn't support IDN).
A demo of the exploit and a semi-permanent fix can be found here:
http://users.tns.net/~skingery/weblog/2005/02/permanent-fix-for-shmoo-group-exploit.html
You need to edit the compreg.dat in the user's profile directory.
Change
@mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91}
to
@mozilla.org/network/idn-service;0,{62b778a6-bce3-456b-8c31-2865fbb68c91}
It's permanent until you install an extension. The compreg.dat file gets
overwritten when installing extensions.
Regards,
Tim
More information about the Linux-users
mailing list