Internetnews.com reports that GreyMagic Software says both Netscape and Mozilla browsers are at risk for an attack that would allow local files to be read.
"According to a security posting on its Web site, the Israel-based software company found that a component for retrieving XML documents from a Web server, known as XMLHTTP, can be used to read local files by blindly following server-side redirections."