More... e zine \ WP showcase \ flash

Firefox not down !

{ on Oct 4 }


Ie 6 bashing was in the past a very nice waste of time (if you’re not using IT), but now it seems that the Firefox browser, which was introduced as an update that includes a number of improvements, including “significant” performance and usability upgrades, was announced today as vulnerable, due to a non-critical breach in the security system and a DoS attack could be organized by a hacker.

The vulnerability was made public a few days ago under the “proof-of-concept” label and Mozilla representatives as well as security companies thought little of it and their conclusion was that, in the worst case scenario, it should be considered more of an “annoyance”
than a serious security vulnerability. A successful attacker can fill the browser’s “history.dat” file with large history information by tricking a user into visiting a malicious Web site with an overly large title.

So even FF is weak, which browser to use now? Will the socalled developers create a secure browser?

Via: popurls / dzone.

More news about the FF leach:
irintech
zdnet
softpedia
blogs.msdn alexbarn
itvibe

Update: according to this article, the possible Vulnerability reported at Toorcon by Mischa Spiegelmock was some fucking sort of fun:

The main purpose of our talk was to be humorous.
As part of our talk we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this, and I personally have not gotten it to result in code execution, nor do I know of anyone who has.
I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven’t used it to take over anyone else’s computer and execute arbitrary code.
I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim. I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.
I apologize to everyone involved, and I hope I have made everything as clear as possible.

Published in Spotlight | Tags: | Browse the Archives | Need to search?

miloIIIIVII is a graphic and Web designer based in Munich, who works with clients to create exciting and cutting edge web design
That's all. Want more info? Inspiration?
View the lifestream or the Gallery, subscribe to the full RSS feed or get it via Email.

Share

Related

Twitter

milo317: @bleikamp well, you can see it this way: it's an appreciation of Derek's work follow me on Twitter

Notify

Comments are closed after twentyeight days of article posting.
Please use the contact form to get in touch.