Slashdot Mirror


Mozilla / Firefox Memory Exposure Vulnerability

JimmyM writes "Secunia has a story regarding a new severe vulnerability in the Mozilla Suite and Firefox browser, which can be exploited by any web site to read all memory, which the browser process has access to. No patch is available from Mozilla. A demonstration is available here."

1 of 132 comments (clear)

  1. comma by Anonymous Coward · · Score: 5, Insightful
    which can be exploited by any web site to read all memory, which the browser process has access to

    I don't normally complain about the grammar and punctuation of submitters and editors, but in this case it is too significant. The difference between

    read all memory, which the browser process has access to

    and

    read all memory which the browser process has access to

    Is profound. The first form says that the browser has access to all memory. The second form says that the web site has access to all the memory to which the browser also has access. Catching and fixing stuff like this is what an editor does. If Slashdot's people can't do that, then don't call them editors. Call them "Dudes Who Click Approve," or something like that.