[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Re[4]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....

To: Thierry Zoller <Thierry@xxxxxxxxx>
Subject: Re: Re[4]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
From: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
Date: Tue, 21 Jul 2009 16:15:26 -0700

> The W3C DOM specifies the select.length attribute to be *read only*.

Does not seem to be the case in HTML5 at least?

http://dev.w3.org/html5/spec/Overview.html#the-select-element

In fact, it has the behavior for writes defined:

"On setting, it must act like the attribute of the same name on the
options collection."

It may or may not have any practical uses (dynamic resizing of SELECTs
without having to delete individual options).

/mz

Follow-Ups:
- Re[6]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
  - From: Thierry Zoller

References:
- Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari,Opera, Chrome,Seamonkey,iPhone,iPod,Wii,PS3....
  - From: Thierry Zoller
- Re: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
  - From: Michal Zalewski
- Re[2]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
  - From: Thierry Zoller
- Re: Re[2]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
  - From: Michal Zalewski
- Re[4]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
  - From: Thierry Zoller

Prev by Date: Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit
Next by Date: RainbowCrack 1.4 is released - The Time-Memory Tradeoff Hash Cracker
Previous by thread: Re[4]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
Next by thread: Re[6]: [Full-disclosure] Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3....
Index(es):
- Date
- Thread