On 15 Mar 2005 13:33:53 GMT, Christopher Jahn <[EMAIL PROTECTED]> wrote:
>Allen Farley <[EMAIL PROTECTED]> wrote in news:d14voe$hug8 >@ripley.netscape.com: > >> Just got these for Mozilla, Firefox and Thunderbird today. All are >> listed as '"Save Link Target As..." Status Bar Spoofing Weakness' and >> all have the same solution: 'SOLUTION: Never save files via untrusted >> sources.' >> >> http://secunia.com/advisories/14565/ - Firefox 0.x & 1.x >> http://secunia.com/advisories/14567/ - Thunderbird 1.0 >> http://secunia.com/advisories/14568/ - Mozilla 1.7.x >> > >I beleive this was fixed in FF 1.01 nope, sorry to say it's not fixed. I just tested it in FF 1.0.1 I see the good url in the status bar, but see the bad url in the Save as... dialog - and the bad file does get downloaded. _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security
