Netscape Flaw Exposes Hard Drives!

Published by

Just saw this @ Neowin.net.

An Israeli software firm has discovered a flaw in Netscape and Mozilla software that allows code hidden in a Web page to read files from the user's PC. The bug is a more serious variant of one patched in Microsoft's Internet Explorer in February.

GreyMagic Software reported that the problem affects XMLHttpRequest, which allows Web pages in the browser to send and receive XML data via HTTP, the standard Web transfer protocol. XML is an Internet language for describing just about any sort of data. Netscape flaw exposes hard drives, the full story.