Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

8 More Bugs Found In Firefox And Mozilla
TechWeb ^ | March 01, 2005 | TechWeb News

Posted on 03/01/2005 3:07:13 PM PST by holymoly

Just a day after one security firm warned of a vulnerability in Firefox and Mozilla, a rival disclosed that another eight threaten the open-source browsers.

The Danish security firm Secunia on Tuesday laid out the flaws, most of which could be used by criminals to spoof, or fake, various aspects of a Web site, ranging from its SSL secure site icon to the contents of an inactive tab.

Other bugs can be exploited remotely by hackers able to introduce code of their own choosing on the vulnerable machine, possibly taking control of it or giving them access to files. For example, Firefox's extensions -- its name for plug-ins -- can be manipulated to create a temporary directory that can then be exploited by attacks to delete files from the computer. Another flaw in the automatic form filling feature -- used to quickly complete forms with personal information, or even credit card numbers -- could be exploited to trick users into divulging some of that information.

Secunia collectively rated the vulnerabilities as "Moderately Critical," and said that only Firefox has been fixed. Users should download the newest edition, Firefox 1.0.1, which was released last week.

The vulnerabilities have been corrected in Mozilla, but the patched edition, 1.7.6, has not yet been officially released. The same goes for Thunderbird, the Mozilla Foundation's free e-mail client, which is also susceptible to the bugs. Both Mozilla 1.7.6 and Thunderbird 1.0.1 should roll out this week, Mozilla has said.

Firefox 1.0.1 an be downloaded from the Mozilla Web site.


TOPICS: News/Current Events
KEYWORDS: browser; bug; exploit; feature; firefox; mozilla
Navigation: use the links below to view more comments.
first 1-2021-4041-6061-70 next last
Chicken Little
1 posted on 03/01/2005 3:07:13 PM PST by holymoly
[ Post Reply | Private Reply | View Replies]

To: holymoly

Best advice is to use some unknown browser that the hackers don't target.


2 posted on 03/01/2005 3:09:03 PM PST by John Lenin
[ Post Reply | Private Reply | To 1 | View Replies]

To: holymoly
Secunia collectively rated the vulnerabilities as "Moderately Critical," and said that only Firefox has been fixed. Users should download the newest edition, Firefox 1.0.1, which was released last week.

They announce it on Tuesday, but it was fixed last week.

Good service, I'd say.

3 posted on 03/01/2005 3:11:42 PM PST by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Izzy Dunne

I have Firefox. Is there an easy way to download the update?


4 posted on 03/01/2005 3:12:50 PM PST by Bahbah
[ Post Reply | Private Reply | To 3 | View Replies]

To: Bahbah

No updates. With Mozilla & Firefox, you have to download the whole thing.


5 posted on 03/01/2005 3:13:58 PM PST by holymoly ("A lot" is TWO words.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: John Lenin

I find myself using Opera more and more - with Java, Javascript and all plugins disabled.


6 posted on 03/01/2005 3:14:43 PM PST by holymoly ("A lot" is TWO words.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: holymoly

Slightly off-topic... I have a Mac and currently use the dreaded IE, but would like to switch. What browser would you all recommend?


7 posted on 03/01/2005 3:16:25 PM PST by inkling
[ Post Reply | Private Reply | To 1 | View Replies]

To: holymoly

Some clown keeps hacking my Opera, all I have to do is reinstall it to fix it.


8 posted on 03/01/2005 3:16:55 PM PST by John Lenin
[ Post Reply | Private Reply | To 6 | View Replies]

To: Bahbah
www.GetFirefox.com
9 posted on 03/01/2005 3:19:08 PM PST by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Bahbah
Download 1.0.1 then uninstall 1.0. Now install 1.0.1. None of your bookmarks,extensions etc. will be lost because they are stored in a different file.
10 posted on 03/01/2005 3:19:10 PM PST by tomh68
[ Post Reply | Private Reply | To 4 | View Replies]

To: inkling

I know next to nothing about Macs... but what about Safari or Mozilla?


11 posted on 03/01/2005 3:19:23 PM PST by holymoly ("A lot" is TWO words.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: inkling

Safari


12 posted on 03/01/2005 3:19:41 PM PST by JOAT
[ Post Reply | Private Reply | To 7 | View Replies]

To: RhoTheta

Ping.


13 posted on 03/01/2005 3:19:55 PM PST by Egon (Government is a guard-dog to be fed, not a cow to be milked.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: holymoly

Welcome to the big time, Mozilla.


14 posted on 03/01/2005 3:20:44 PM PST by Doohickey ("This is a hard and dirty war, but when it's over, nothing will ever be too difficult again.”)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JOAT

Until last weekend I was still using OS 9.2, but just made the jump to Panther. I've played with Safari a bit. I might give that another try.


15 posted on 03/01/2005 3:22:12 PM PST by inkling
[ Post Reply | Private Reply | To 12 | View Replies]

To: inkling
What browser would you all recommend?

The aforementioned FireFox is pretty good on Mac, but I use Safari.

16 posted on 03/01/2005 3:23:29 PM PST by Izzy Dunne (Hello, I'm a TAGLINE virus. Please help me spread by copying me into YOUR tag line.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: inkling

safari is very cool on OSX


17 posted on 03/01/2005 3:33:55 PM PST by ezo4
[ Post Reply | Private Reply | To 7 | View Replies]

To: inkling

Used Safari for years, love it. Particularly good with iGetter download manager.

Keep IE for non-standard compliant websites..


18 posted on 03/01/2005 3:33:59 PM PST by D-fendr
[ Post Reply | Private Reply | To 7 | View Replies]

To: inkling

One reason OS 9 is still valuable is if you are playing with an ipod, because the version of iTunes for 9 allows a whole lot more versatility for moving mp3s. If your machine supports OS 9 I would leave it as a dual boot. OS X is certainly better, but 9 still has definite uses....


19 posted on 03/01/2005 3:52:37 PM PST by JOAT
[ Post Reply | Private Reply | To 15 | View Replies]

To: holymoly

Impossible. Everyone knows only Microsoft is hackable and Open Source is virus-proof.


20 posted on 03/01/2005 3:56:15 PM PST by Uncle Miltie (Democrat Obstructionists will be Daschled!)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-6061-70 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson