Slashdot Mirror

← Back to Stories (view on slashdot.org)

Don't Hit That Back Button

Posted by ryuzaki0 on from the burn-your-bridges dept.

Saint Aardvark writes: "From the Bugtraq mailing list comes this warning: 'Using the Back Button in IE is dangerous'. When hitting the back button, javascript links will be executed in the security zone of the last url viewed. Proof-of-concept included in the warning will execute minesweeper or read your Google cookies."

17 of 640 comments (clear)

  1. Re:In other news by Anonymous Coward · · Score: -1, Offtopic

    Nicely done sir.

  2. I would've posted the exploit... by Any+Web+Loco · · Score: 0, Offtopic

    ... but the damn lameness filter got me. I can't even whore for karma - i'm too lame. gutted.

  3. Re:Go Mozilla! by Anonymous Coward · · Score: 0, Offtopic

    When was the last time you used Mozilla? 0.9.8 kills IE in terms of speed. MS has to be drooling over Gecko. ;-)

  4. Re:Go Mozilla! by sqlrob · · Score: 0, Offtopic

    But it's been crashing left and right on my Win box. Enough that I'm probably going to switch to Mozilla as my default browser once 1.0 comes out.

  5. Re:Java's been crashing IE of late by revscat · · Score: 1, Offtopic

    Java is insecure

    No, JavaScript implementations can be insecure, or VBScript can be insecure, but Java is very, very secure.*

    Methinks you are confusing JavaScript with Java. They're only related tangentially at best.

    * This being /. this point is, of course, infinitely debatable.

  6. Re:Go Mozilla! by drightler · · Score: 0, Offtopic

    In my experience Mozilla seemed faster than Opera..

    --

    blah blah blah....
    drightler@technicalogic.com
  7. Re:No. by Anonymous Coward · · Score: -1, Offtopic

    Babelfish: English -> German -> English

    If you do not strike that the back key, which is communicated by Timotheegras on Tuesday April 16, @11:10PM of the burning their bridges abbott of holy Aardvark writes: " of the transmitting list Bugtraq comes this WARNING: ' the back key in IE to use is dangerous. If one strikes the back key, executed Javascript on the left of in security zone of the last outstanding URL the proof of concept, which is covered in the WARNING, executes Minesweeper or reads its Plaetzchen Google.

  8. Wow! I get to play minesweeper again! by Mustang+Matt · · Score: 1, Offtopic

    Rock and roll. I set a new record. I haven't played minesweeper since... win98SR1!

    --
    The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
  9. Re:Go Mozilla! by cscx · · Score: 0, Offtopic

    Enough that I'm probably going to switch to Mozilla as my default browser once 1.0 comes out.

    That is, if you're still alive...

  10. Re:I wouldn't hedge my bets on Mozilla so blindly. by Anonymous Coward · · Score: -1, Offtopic

    And the beast shall be made legion. Its numbers shall be increased a thousand thousand fold. The din of a million keyboards like unto a great storm shall cover the earth, and the followers of Mammon shall tremble. trying again :P

  11. Just a reminder by Anonymous Coward · · Score: -1, Offtopic

    T( H)GSB Apr 21-27

    The editors don't seem to think poster's content is very valuable. They seem to think that no one clicks though to the stories. According to Cmdrtaco, only 3% of /. users actualy post regularly. We are going to prove them wrong!!!

    T( H)GSB Apr 21-27

  12. Re:Go Mozilla! by WhiteKnight07 · · Score: 0, Offtopic

    Mozilla is just as fast as Opera on my box and besides, Opera isn't powerfull enough.

    --


    We're going to make information free Mr. Anderson, whether you like it, or not.
  13. Re:Go Mozilla! by Type-R · · Score: 0, Offtopic

    Well, unless he get's hit by a bus in the next month or so, he's probably safe... (Seeing as how 1.0 has been branched, and looks like its nearly release time )

  14. Re:Go Mozilla! by Alan+Partridge · · Score: 0, Offtopic

    in my imagination Mosaic is way faster than Concorde too

    --
    That was classic intercourse!
  15. Re:My company's solution to IE by Anonymous Coward · · Score: -1, Offtopic

    Yeah, I find myself looking for that right now. I guess "troll" will have to do.

  16. Re:Go Mozilla Anyways! by Anonymous Coward · · Score: -1, Offtopic

    lol... I love it. I'm a Troll because I didn't advoate that Linux was the most awesome O/S of all time.

    So mod this puppy up boys! Linux Rocks! It's the best! Microsoft sucks! Bill Gates should die! Linus for President!!!

  17. Re:The problem is: it's a designflaw. by Anonymous Coward · · Score: -1, Offtopic

    Go watch TV, putz.