April 19, 2000
News sightings: C-Net | ZDNet | NTSecurity | MSNBC
In order for this exploit to work, you must be using a Communicator user profile named "default". Most of the time, this is a valid assumption, since most users accept the default profile name "default" when they are setting up Communicator. (The exploit will work with profile names other than "default", as long as you can guess the name of the profile. If you were to carry out the exploit on one particular person, and you knew their name and email address, you might guess that their profile name was either their first name, or the username portion of their email address.)
To see the names of Communicator profiles on your computer, go to C:\Program Files\Netscape\Users\ . Every Communicator profile has a corresponding sub-directory in that directory (the vast majority of Communicator installations only have one profile). If you don't see a directory named "default", you must create a user profile called "default" before continuing:
Now that you are running a profile named "default", you must have at least one bookmark set. (The exploit works by reading in the last bookmark in your bookmark.htm file, which determines the list of bookmarks displayed under the Communicator -> Bookmarks menu.) Go to one of your favorite sites and then pick Communicator -> Bookmarks -> Add Bookmark.
Finally, two options have to be set correctly for the exploit to work (these are default settings, so these assumptions will be correct for almost all browsers):
Now proceed to the demonstration page.