[ale] [Fwd: More ammo for Mozilla]

Dow Hurst dhurst at kennesaw.edu
Mon Feb 2 12:22:42 EST 2004


Your right about Mozilla being vulnerable too.  You may not 
even get a mangled URL in the status bar to alert you.

I've gotten both the typical and Javascript enabled versions 
in Mozilla and luckily I don't allow Javascript to run while 
in Mail and Newsgroups.  Plus, the emails had a few small 
but significant grammar indicators that showed that they 
were fake.  So I viewed source in the Javascript version and 
found the variable where the URL displayed was replaced with 
the true destination IP.

Of course, Mozilla does give you more obvious control over 
what is allowed.  You can secure it more easily than trying 
to disable functions in IE.

I've received one that was purported to goto Paypal while 
most of the others were fake Earthlink ISP messages.
Dow



Vernard Martin wrote:
>>>Yes, that's right kids - don't click on hyperlinks with IE.  The
>>>destination (what it says you're going to go to when you mouse over) may
>>>be invalid, or lead to a website with a malicious exploit.  Instead,
>>>
>>>I just have three words: www.mozilla.org
> 
> 
> I thought that it was reported that Mozilla was also vulnerable to the same
> exploit that caused this screw up in Explorer?
> 
> V

-- 
__________________________________________________________
Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
************************************************************
This message (including any attachments) contains          *
confidential information intended for a specific individual*
and purpose, and is protected by law.  If you are not the  *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it,  *
is strictly prohibited.                                    *
************************************************************



More information about the Ale mailing list