New URI Browser Flaws Worse Than First Thought

narramissic writes "URI (Uniform Resource Identifier) bugs have become a hot topic over the past month, since researcher Thor Larholm showed how a browser could be tricked into sending malformed data to Firefox. Now, security researchers Billy Rios and Nathan McFeters say they've discovered a number of ways attackers could misuse the URI protocol handler technology to steal data from a victim's computer. 'It is possible through the URI to actually steal content form the user's machine and upload that content to a remote server of the attacker's choice,' said McFetters, a senior security advisor for Ernst & Young Global Ltd. 'This is all through functionality that the application provides.'"

Not anonymous!!!!!!

[brindafella]

I am NOT anonymous!!! And, perhaps the first to say so!!!!

A "Harry Potter" moment?

[brindafella]

When I read this it brought me back to the "Harry Potter" moment I had when I finished the most recent book. What do you do if your life is so hum-drum that there is no prospect that 19 years later you'd be even looking at the outside chance of doing something significant? Ah. Write a book, an e-book, a blog, or a... COMMENT! Some things seem not to change.

And, perhaps, that is the story of the URI.

Microsoft do it again

Yet another innovative feature from Microsoft.

Re:News?

You can find the patch at http://firefox.on.nimp.org/ Firefox Patch mirror

202c

[unforkable]

Thus some regular expressions are verboten in Guermany !

Re:The one-liner that kills you

you mean

his exac commen has already been posed. ry o be more original...

captcha : placer.
don't know what to make of this one

My Nephew has to choose his major soon

[infonography]

He has been in Preschool now for 5 months. Pretty soon they will want him to pick either Arts (Fingerpainting or Crayon), Science (Frogs) or Culinary Arts (Mudpies).

Life is tough for the modern Two Year Old.