Defined Misbehaviour
Blog Saynotolinux. TL;DR From at least 2013 until May 2016 JetBrains' IDEs were vulnerable to local file leakage, with the Windows (EDIT: and OS X)...
Read Blog.saynotolinux.com news digest here: view the latest Blog Saynotolinux articles and content updates right away or get to their most visited pages. Blog.saynotolinux.com is not yet rated by Alexa and its traffic estimate is unavailable. It seems that Blog Saynotolinux content is notably popular in USA. We haven’t detected security issues or inappropriate content on Blog.saynotolinux.com and thus you can safely use it. Blog.saynotolinux.com is hosted with GitHub, INC. (Netherlands) and its basic language is English.
Content verdict: Safe
Website availability: Live
Language: English
Last check:
-
N/A
Visitors daily -
N/A
Pageviews daily -
N/A
Google PR -
N/A
Alexa rank
Best pages on Blog.saynotolinux.com
-
TL;DR From at least 2013 until May 2016 JetBrains' IDEs were vulnerable to local file leakage, with the Windows (EDIT: and OS X) versions …
-
JetBrains IDE Remote Code Execution and Local File Disclosure - Defined Misbehaviour
Defined Misbehaviour Aug 15th, 2016 TL;DR From at least 2013 until May 2016 JetBrains’ IDEs were vulnerable to local file leakage, with the Windows (EDIT: and OS X) versions additionally being vulner...
Blog.saynotolinux.com news digest
-
7 years
JetBrains IDE Remote Code Execution and Local File Disclosure
TL;DR
From at least 2013 until May 2016 JetBrains’ IDEs were vulnerable to local file leakage, with the Windows (EDIT: and OS X) versions additionally being vulnerable to remote code execution. The only prerequisite for the attack was to have the victim visit... -
8 years
Leaking Clipboard Contents With Flash: Let's Explore User-Initiated Actions!
(NOTE: This article has been sitting in my drafts since May 2014. I am very lazy.)
TL;DR
Flash only allows read access to the clipboard in event handlers triggered by paste events, but Flash wasn’t checking if the clipboard contents had changed since entering the event handler. Due to quirks in how Flash’s event handlers work, an attacker... -
9 years
Seizing Control of Yahoo! Mail Cross-Origin... Again
This is a follow-up to another article about crossorigin mail theft on Yahoo! Mail using Flash. For a better understanding of the issue, you can read that here: http://blog.saynotolinux.com/blog/2014/03/01/yahoos-pet-show-of-horrors-abusing-a-crossdomain...
-
10 years
Spooky Sanitization Stories: Analyzing the XSS Flaw in Reddit Enhancement Suite
TL;DR
The library that Reddit Enhancement Suite (a browser extension for reddit users) used for HTML sanitization had a bug that bit them pretty hard, enabling DOM-based XSS of 1.5~ million reddit users. RES pushed out a fixed version, and reddit deployed...
Domain history
| Web host: | GitHub, INC. |
| Registrar: | Gandi SAS |
| Registrant: | Redacted for Privacy |
| Updated: | April 29, 2022 |
| Expires: | July 08, 2023 |
| Created: | July 08, 2009 |
Whois record
Safety scores
Trustworthiness
N/AChild safety
N/A
