Shockwave security leak and a possible solution

Shockwave security leak and a possible solution

Jim Stoneburner writes: "Regarding the reported Shockware security leak which can affect Netscape Navigator on Macintosh, there may be hope. It appears that if the user has changed the name of the boot volume or partition from Macintosh_HD to anything else, this may prevent intrusion. For example, Netscape uses the path name mailbox:/Macintosh HD/System Folder/Preferences/
Netscape ?/Mail/Inbox?number=0 to specify an Inbox file. If the boot volume name has been changed, any unscrupulous webmaster would not know how to specify this path."

Update: Jud Spencer of Claris writes: "Emailer 2.0 is not vulnerable to this. Emailer 2.0 stores its mail in a database not individual text files. Emailer 1.0 stores individual mail messages as text files but it does not store them at any easily guessed pathname."

Tags:
Computers
 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Nissan gives new Murano bold style (pictures)
Top great space moments in 2014 (pictures)
This is it: The Audiophiliac's top in-ear headphones of 2014 (pictures)
ZTE's wallet-friendly Grand X (pictures)
Lenovo reprises clever design for the Yoga Tablet 2 (Pictures)
Top-rated reviews of the week (pictures)