Slashdot Mirror


Unpatched Firefox Flaw May Expose Users

Corrado writes "CNET is reporting on a new Firefox flaw." From the article: "The problem lies in the way Firefox handles Web links that are overly long and contain dashes, security researcher Tom Ferris said in an interview via instant messaging late Thursday. He posted an advisory and a proof of concept to the Full Disclosure security mailing list and to his Security Protocols Web site...The public bug disclosure comes just as Mozilla released the first beta of Firefox 1.5. The final release of the next Firefox update, which includes security enhancements, is due by year's end, according to the Firefox road map."

4 of 390 comments

  1. Re:Well, just another bug by DaHat · · Score: 4, Informative

    No need to bring up just this bug, why not compare history for the last year on both IE6 and Firefox 1.x?

    According to Secunia, during 2005 IE6 has had 11 advisories while Firefox 1.x has had 18.

    Unfortunately I can't get the links to work properly (graphs come up blank), so take a look at the URLs yourself:

    IE6: http://secunia.com/graph/?type=adv&period=2005&prod=11
    Firefox 1.x: http://secunia.com/graph/?type=adv&period=2005&prod=4227

    (you will have to copy and paste these URLs to make them work, it seems)

  2. For all those that can't reproduce by revelation0 · · Score: 5, Informative

    Take 2 seconds to check out his proof of concept:

    http://www.security-protocols.com/firefox-death.html

    WARNING: Clicking the above link will crash Firefox. It will do nothing else. The hyphens are not the normal minus hyphen (the - symbol on your American keyboard will translate to 0x2d) but a soft hyphen (0xad).

    1. Re:For all those that can't reproduce by MrMr · · Score: 4, Informative

      Yep, lethal if network.enableIDN is true,
      no problem if set to false in about:config

  3. Re:Proof of concept by sprag · · Score: 4, Informative

    It's not dashes that do it, but soft hyphens (0xad). There's a link in another thread which has the appropriate HTML, and it does hang Firefox 1.06 on Fedora 4.

    Here's an xxd dump of the offending HTML:

    0000000: 3c41 2048 5245 463d 6874 7470 733a adad <A HREF=https:..
    0000010: adad adad adad adad adad adad adad adad ................
    0000020: adad adad adad adad adad adad adad adad ................
    0000030: adad adad adad adad adad 203e 0a .......... >.
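A content scanner for the pattern revelation0 and sprag describe, added here as an example that is not from the thread or from Mozilla: it reports every <a href> whose value contains soft hyphens (U+00AD, the 0xAD byte in the dump above) and runs it over a sample constructed to match sprag's xxd dump. It goes slightly beyond the thread by also counting the entity-encoded forms &shy; and &#173;, which render to the same character; the function names and the threshold are my own choices.

```python
import html
import re

# The character the thread identifies: soft hyphen, byte 0xAD in Latin-1, U+00AD.
SOFT_HYPHEN = "\u00ad"

# Matches the href value of <a> tags, whether double-quoted, single-quoted or bare.
HREF_RE = re.compile(
    r"<a\b[^>]*?\bhref\s*=\s*(?:\"([^\"]*)\"|'([^']*)'|([^\s>]+))",
    re.IGNORECASE,
)


def to_text(data):
    """Decode bytes so a raw 0xAD byte survives as U+00AD: strict UTF-8 first,
    Latin-1 fallback (a lone 0xAD is not valid UTF-8, so the PoC page falls back)."""
    if isinstance(data, str):
        return data
    try:
        return data.decode("utf-8")
    except UnicodeDecodeError:
        return data.decode("latin-1")


def find_soft_hyphen_links(data, threshold=1):
    """Return one record per <a href> whose value, after entity decoding
    (so &shy; and &#173; count too), holds at least `threshold` soft hyphens."""
    findings = []
    for m in HREF_RE.finditer(to_text(data)):
        href = html.unescape(next(g for g in m.groups() if g is not None))
        n = href.count(SOFT_HYPHEN)
        if n >= threshold:
            findings.append({"href_length": len(href), "soft_hyphens": n,
                             "prefix": href.replace(SOFT_HYPHEN, "?")[:20]})
    return findings


# Constructed to match sprag's xxd dump: "<A HREF=https:", 44 bytes of 0xAD, " >\n".
POC_LIKE = b"<A HREF=https:" + b"\xad" * 44 + b" >\n"
# Constructed benign page: ordinary 0x2D hyphens in a link must not trigger.
BENIGN = b'<p><a href="https://example.com/long-dashed-path-name">x</a></p>'

if __name__ == "__main__":
    for label, sample in (("poc-like", POC_LIKE), ("benign", BENIGN)):
        print(label, find_soft_hyphen_links(sample))
```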