Slashdot Mirror


Vulnerability In Firefox Popup Blocker

cj writes in with news of a vulnerability in Firefox's stock popup blocker discovered by Michal Zalewski. The vulnerability can allow a malicious user to read files from an affected system. The attacker would "need to plant a predictably named file with exploit code on the target system. This sounds hard, but isn't," according to the article.

1 of 100 comments (clear)

  1. Re:Anyone knows if the 2.x tree is vulnerable too? by Carnildo · · Score: 3, Interesting

    Thanks for the tip. I just checked my temp directory, and I've got stuff dating back to early 2001 in there.

    --
    "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.