Slashdot Mirror


Security Issues in Mozilla

paulius_g writes "SecurityFocus has released a security warning with three problems that affect Mozilla on all platforms. The first issue allows the source of a download to be spoofed, generating a fake URL. This security issue is really easy to replicate: Create a long URL and the downloading box will only display its ending (Mozilla and Firefox). The second issue was created by the way that Mozilla's browsers handle news:// links to newsgroups, hackers can easily create false links and create a buffer overflow (Mozilla 1.7.5 and below, Firefox versions before 1.0). The third exploit affects machines with multiple users. The way that Firefox and Thunderbird store files allows every user to see them and to probably catch the other user's surfing habits (Firefox and Thunderbird). Let's hope that these will be fixed soon!"

6 of 454 comments (clear)

  1. Security by Anonymous Coward · · Score: 5, Funny

    Oh no! Time to switch back to IE.

  2. Not Mozilla!! by 53cur!ty · · Score: 5, Funny

    The tragedy, the inhumanity!!

    Bet Gates is grinning today hoping everyone will forget his laptop crash.

    Don't Tech all day and night, visit:
    WillingtonKarateClub.org Training Tips and more

  3. 3 Whole Security Issues! Thank God... by codesurfer · · Score: 5, Funny

    that I can still wipe my Linux box, buy a copy of XP, install, activate, update, reboot, update, reboot, get SP1 & 2, reboot, update, reboot and I'll be able to use Internet Explorer, a safe alternative to....oh wait...

  4. Jeebus Kriced by killmenow · · Score: 5, Funny
    So sayeth the submitter:
    Let's hope that these will be fixed soon!
    Slashdot has gotten so bad, now the submitters don't even RTFA!
  5. Re:Umm.... by fitten · · Score: 5, Funny

    You mean I gotta walk all the way down to the systemroom to get my information? Crap, no wonder I haven't been able to find it in my office lately...

  6. Re:Misleading Article by northcat · · Score: 4, Funny

    How can his post be rated informatve when it isn't true?

    You must be new here.