SillyDog701 Message Centre

[J-M]

Secunia.com classified them to 'Highly critical' in SA12526.

There are some workarounds before new version release something like 7.3 is published. Test results reported to Netscape by their security bug web form.

Results in Windows XP environment

Issue 2: JavaScript Windows clipboard reading
http://bugzilla.mozilla.org/show_bug.cgi?id=257523
Affects to NS7.2.
Workaround: Disable JavaScript from Preferences / Advanced / Scripts & Plug-ins: tick off 'Navigator'
What I use: Not to copy or leave sensitive data (personal information, passwords etc.) to clipboard. Replace clipboard content with insignificant string, for example Start / Run... / notepad (type 'aaa', select Ctrl+A, type Ctrl+C).

Issue 5: non-ASCII characters in a link crashes browser.
http://bugzilla.mozilla.org/show_bug.cgi?id=256316
Affects to NS7.2.
NS Quality Feedback Agent prompts up too.
Workaround: Don't click untrusted links.
Observe the Status Bar, for example text like h t t p://AAAAA
[spaces added to break the link]

Issue 6: extremely wide BMP crashes browser.
http://bugzilla.mozilla.org/show_bug.cgi?id=255067
Be aware! There is working 'exploitable' link including Bugzilla report.

Affects to NS7.2.
Workaround: Don't click untrusted links.

Continuing with issue 7 and the rest ones.

subject slightly changed - Admin, 16.9.2004
un-sticky by Admin 25.9.2004

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 MultiZilla/1.6.4.0b (ax)

[Mandrake]

Then people should not use Netscape 7.2.. there is no 7.21 from Netscape to correct these. Besides, Firefox is faster

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; rv:1.7.3) Gecko/20040911 Firefox/0.10

---

Core i7 920 | ASUS P6T Deluxe v2 | 3TB+ HDD | 12GB Corsair DDR3 | Radeon 4890 Xfire | X-Fi Titanium Fatal1ty | Logitech Z-5500 Speakers | Dell 3008WFP | Seven RC1

[Ramona]

This is the entire Secunia Security Advisory:

[J-M]

That's the situation. Admin changed the subject (was 1.7.3's issues affecting to Netscape 7.2 too), only solution is to switch to Firefox or Suite before Netscape update. No reply to sent security bug web form yet.
Netscape Security Center (http://wp.netscape.com/security/) needs an update rapidly, at least by locating the newest issues first. People find it from Browser Central and there is no signal from coming 7.2x release.
Thanks Ramona from the quotation, a new Netscape-only advisory ID SA12535.

(Link changed to clickable - Admin 16.9.2004)

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040803 MultiZilla/1.6.4.0b

[J-M]

So again, Secunia has published own report SA12535:
http://secunia.com/advisories/12535/
It's severity is Highly critical too.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040803 MultiZilla/1.6.4.0b

[Danny_G]

[goGecko]

In my opinion these are minor unexploited security holes that will have absoluetly NO impact on an average user. How many sites exploit these holes? Zero. Now that Mozilla has patched them in the latest trunk, there is no incentive for malicious sites to target the old vulnerabilities. Not to mention that IE has a 100x more unpatched security holes than Netscape 7.2.

The thread's title is also highly ambiguous "Use Another Product." This is vague and confusing to new users. Imagine an Internet Explorer user who just downloaded and setup 7.2 and had an issue with the program. The user found sillydog and read this "sticky." The IE user might then conclude that Netscape is no better than IE since even the forum admin doesn't recommend it and then return to using IE.
needs a new title. A better title would be "Minor Security Vulnerabilities Found in Netscape 7.2" Instead your title tries scaring Netscape users in a pathetic attempt to get them to convert to Firefox.

Back when Netscape 7.1 was used (for almost the entire year since Netscape was shut down), there was no sticky telling Sillydog users to not use Netscape 7. Yet there were numerous known security holes in Netscape 7.1. Why the new standard?

Sillydog 701 also provides an excellent Browser Archive. Yet almost all of the Netscape releases have known security and stability problems. Should Silldyog also start telling users that they should not use the older versions. If so, then why even offer them?

I believe that the end-user should decide how severe security holes are with regards to their individual needs. If you want to educate Netscape users about security, then fine. But don't tell them what to do!

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax)

[Antony]

[Danny_G]

[goGecko]

[goGecko]

Someone fixed the title. Thanks!

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax)

[Jeffredo]

[Ramona]

goGecko,

I added the Use Another Product, because it was included in the Secunia Advisory. I wasn't trying to set any new SillyDog701 standards, and if the "Use Another Product" seemed ambiguous, then perhaps you should address your dislike of the unsuitable verbiage to Secunia. I did not intend the title of the thread to set any new standard, I was merely quoting the Secunity Security Advisory. If you were offended, you should feel better now, as Antony did remove the offense phrase from the title.

Actually there was a statement on the Netscape Browser Archive suggesting that users should not use Netscape 7.1, and should instead download Netscape 7.02: Netscape 7.1 Streamline.

[Danny_G]

My apologies. I know your website and find a lot of great
tips and tricks for Netscape. I'm a NS hardcore fan since 1996.
Thanks.
I've always hated IE

UserAgent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.2) Gecko/20040805 Netscape/7.2

---

--
Danny G.
¡Mozilla en Español!

[Ramona]

Danny G,

No apology needed, I just wanted to remove any concept here that I am an IE activist in any way, shape, or form.

Ramona

UserAgent: Mozilla/5.0 (Windows; U; Win98; rv:1.7.3) Gecko/20040913 Firefox/0.10

---

RAMONA
Netscape, Mozilla, Firefox Solutions