Slashdot Mirror

← Back to Stories (view on slashdot.org)

Unpatched Firefox 1.5 Exploit Made Public

Posted by CmdrTaco on from the caught-with-you-pants-down dept.

ThatGuyGreg writes "C|Net is reporting that an unpatched exploit in Firefox 1.5 has been made public, making it very easy for ne'er-do-well-sites to cause your browser to crash on startup with a single visit. Until a patch is released, it is recommended that you disable your history.dat file."

17 of 309 comments (clear)

  1. Good Thing by Anonymous Coward · · Score: 5, Funny

    I'm still using Internet Explorer!

    1. Re:Good Thing by sloths · · Score: 5, Funny

      Did it come with a free dinosaur?

      --
      really 867993
      Karma schkarma
    2. Re:Good Thing by AgentScummy · · Score: 3, Funny

      Mine came with Windows 3.1

    3. Re:Good Thing by aussie_a · · Score: 2, Funny

      No but it does come with free spyware.

  2. Obligatory Jamaican Response by dotslashdot · · Score: 5, Funny

    Dat file will be history, man.

    1. Re:Obligatory Jamaican Response by Anonymous Coward · · Score: 4, Funny

      But the exploit was published on Wed.

  3. ummmm by Prince+Vegeta+SSJ4 · · Score: 3, Funny

    thats what thet get for making an extension that runs explorer within firefox https://addons.mozilla.org/extensions/moreinfo.php ?application=firefox&id=1419 *ducks*

  4. Tin Hats Need Not Fear by courtarro · · Score: 4, Funny

    Those of us with sturdy tin hats already have our histories disabled. Take that, evil!

    1. Re:Tin Hats Need Not Fear by raehl · · Score: 2, Funny

      Those of us with sturdy tin hats already have our histories disabled.

      Those of us with wedding rings do that too.

      --
      paintball
  5. Heh by aftk2 · · Score: 4, Funny
    cause your browser to crash on startup with a single visit.
    I've seen this exploit in the wild: it's called the MySpace Profile Page.
    --
    concrete5: a cms made for marketing, but strong enough for geeks.
  6. Re:Stopping the stupidity by CosmeticLobotamy · · Score: 5, Funny

    The guy who drew the logo for that forgot the wingalings and the beefy arm.

  7. i feel so unsaf on teh intarweb!! by Anonymous Coward · · Score: 2, Funny

    Rendered using Microsoft's *NEW* CSS/Teenager parsing utility:

    THA'TS WHY I SWETCHED TO IEXPOLRE TOOO.!

    ITS MUCH BETTAR CSs COPMP1ANDCE I meEN WHy COmply WHEN You cna PWN THERE NUB ASSES??? harharAR

    EVEN IT PROTECKS YOU

  8. Informative :) by kentyman · · Score: 2, Funny

    I love how this is considered Informative.

    What? Oh, Jamaicans say "mon" instead of "man". I should write that important information down. Maybe it should be added to http://en.wikipedia.org/wiki/Jamaican_English.

    Keep that information flowin', mon! Irie!

    Shabba!

    --
    You know where you are? You're in the $PATH, baby. You're gonna get executed!
  9. Re:FC4, 1.5 by Newrad · · Score: 2, Funny

    LOL... why don't you people just manually call up a dialup provider chirp into the phone?

  10. Re:The fix by d34thm0nk3y · · Score: 2, Funny

    Heh, thats funny. There are 3 highly modded posts saying to just delete the history file. Hmmm.... why would Slashdotters be so familiar with a procedure such as that?

  11. Re:Posting from an "Exploited" FF 1.5 by sholden · · Score: 2, Funny

    Very dangerous. It should just dump that raw HTML to the screen, along with the HTTP headers rather than trying to process the text from an outside user who wrote whatever web page you happen to be looking at.

  12. Re:The fix by filament · · Score: 2, Funny

    I'm sorry, I can't read your comment because my browser has crashed.

    --
    This sig is covered under the GPL.