Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Click here to return to the 'How to avoid the new 'Help' URL handler vulnerability' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
How to avoid the new 'Help' URL handler vulnerability
Authored by: Spades on May 19, '04 03:24:29PM

That's actually the application that inspired my post. Every indication is that it just modifies OpnApp.scpt, which is the wrong fix. I don't see anything that says this changes the help protocol helper, which is the right way to deal with this. I don't mean to knock the efforts of the people that made that, and if it does make the helper change, please correct me. But, the critical defect is the runscript part of help urls, and this program does not look like a valid workaround for the defect.

[ Reply to This | # ]