Slashdot Mirror

← Back to Stories (view on slashdot.org)

Password Vulnerability In Firefox 2.0.0.5

Posted by CmdrTaco on Monday July 23, 2007 @03:18AM from the waiting-for-the-patch-boys dept.

Paris The Pirate writes "According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw."

3 of 176 comments (clear)

Min score:

Reason:

Sort:

Is this OS independent? by sexybomber · 2007-07-23 03:20 · Score: 4, Interesting

I haven't RTFA (after all, this is Slashdot), but are all OSes equally vulnerable?
Safari by ens0niq · 2007-07-23 04:18 · Score: 3, Interesting

Safari also vulnerable...
1. Re:Safari by pherthyl · 2007-07-23 04:51 · Score: 3, Interesting
  
  Interestingly enough, Konqueror/KHTML (on which Safari is based) is not vulnerable (just tried the demo). It does password saving as well, but apparently have found a way to avoid the problem.