12
05
2008
Who You Gonna Call?
Posted by: Giorgio in XSS, IE, Mozilla, Security, NoScript, UncategorizedAfter hearing me crying for help, my friend Sirdarckcat went hunting and entrapped a poltergeist which haunts IE only.
Is it this the one Manuel Caballero was talking about?
Or was that a different cross-browser evilness?
However, I ain't afraid of no ghosts :)
May 12th, 2008 at 9:13 am
sirdarckcat failed...
This bug is not about kindergarten trickery to read properties you are not supposed to...
May 12th, 2008 at 1:54 pm
For those without a good memory:
Publicly known since 2006:
https://bugzilla.mozilla.org/show_bug.cgi?id=382686
http://lcamtuf.coredump.cx/ifsnatch/modified.html
First read about in 2005, in a GreyMagic advisory.
May 12th, 2008 at 11:15 pm
This one succeeds on IE8 and newest version of IE7
http://sirdarckcat.blogspot.com/2008/05/ghosts-for-ie8-and-ie75730.html
Meow:
I am not reading properties dude xD I am changing iframes locations ;)
Ronald:
I am not using document.open() nor document.write() on about:blank iframes.. this is diferent.
Greetz!!