Skip to comments.
Unpatched Firefox 1.5 exploit made public
Cnet ^
| 12/08/2005
| Dawn Kawamoto
Posted on 12/08/2005 4:06:06 PM PST by zeugma
click here to read article
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-60, 61-80 ... 141-158 next last
If you're using Firefox, turn off your history to keep evil sites from being able to crash your browser.
The actual likelihood of running into one of these unless you regularly browse through the shady side of the net, but it's always bettyer to be safe than sorry. Note: that this particular defect does not propagate. That is, it is not a virus or worm. Some nasty person can make your browser crash, which can be fairly traumatic I'll admit after your browser has been up for a week or so with 30 tabs - but still.
1
posted on
12/08/2005 4:06:06 PM PST
by
zeugma
To: zeugma
the shady side of the netDoes that include porn sites?
To: zeugma
If you're using Firefox, turn off your history to keep evil sites from being able to crash your browser.
Proof of concept code does not equal an exploit in the wild.
You know, it's really nice of these security companies to wait until the final release before announcing these things. Mozilla puts out nightly builds, betas, and release candidates for a reason.
3
posted on
12/08/2005 4:12:47 PM PST
by
Terpfen
(Libby should hire Phoenix Wright.)
To: zeugma
If you're using Firefox, turn off your history to keep evil sites from being able to crash your browser. Is it turned off, if nothing drops down when you click on the address bar?
4
posted on
12/08/2005 4:16:10 PM PST
by
don-o
(Don't be a Freeploader. Do the right thing. Become a Monthly Donor! '98'er)
To: FEARED MUTATION
"Does that include porn sites?" Why, no, of course not. Go right ahead.:)
5
posted on
12/08/2005 4:17:18 PM PST
by
dynachrome
("Where am I? Where am I going? Why am I in a handbasket?")
To: zeugma
The sample exploit doesn't crash Firefox on my system with OS X 10.4.2. It does seem to make Firefox take a long time to quit and launch though.
6
posted on
12/08/2005 4:23:59 PM PST
by
ThinkDifferent
(I am a leaf on the wind)
To: zeugma
Do you have any tips on running firefox from a removable drive? I haven't tried it yet but people here at work say they run it from their jump drives.
7
posted on
12/08/2005 4:24:21 PM PST
by
raybbr
To: zeugma
How many users of Firefox 1.5 are out there?
8
posted on
12/08/2005 4:28:05 PM PST
by
tubebender
(You can't make Chicken Salad from Chicken Bleep...)
To: tubebender
9
posted on
12/08/2005 4:51:15 PM PST
by
M_i_G
To: tubebender
I'm one and I appreciate the posts about Firefox that appear on FR from time to time.
To: FEARED MUTATION
Does that include porn sites?Only in a technically true sense.
11
posted on
12/08/2005 4:54:08 PM PST
by
zeugma
(Warning: Self-referential object does not reference itself.)
To: tubebender
Thats me, and I really like it.
12
posted on
12/08/2005 4:56:36 PM PST
by
MilspecRob
(Most people don't act stupid, they really are.)
To: tubebender
13
posted on
12/08/2005 4:59:04 PM PST
by
Ole Okie
To: raybbr
Do you have any tips on running firefox from a removable drive? I haven't tried it yet but people here at work say they run it from their jump drives.No. I haven't tried that either, but I've seriously considered checking out how well it works. Personally, I prefer Knoppix for that kind of thing. It doesn't work if you want to save bookmarks and cookies though.
14
posted on
12/08/2005 5:01:04 PM PST
by
zeugma
(Warning: Self-referential object does not reference itself.)
To: don-o
Is it turned off, if nothing drops down when you click on the address bar?No. That's actually two different things, I believe. I could be wrong though. I'll have to check it out. Does anyone else know?
15
posted on
12/08/2005 5:02:11 PM PST
by
zeugma
(Warning: Self-referential object does not reference itself.)
To: ThinkDifferent
Update: Slashdot posters are reporting similar behavior. The exploit doesn't crash Firefox, but it can make it take a long time to read the history file and thus appear to have hung. It's unlikely that this is an actual security threat, although it could be annoying.
16
posted on
12/08/2005 5:02:31 PM PST
by
ThinkDifferent
(I am a leaf on the wind)
To: tubebender
I'm not sure how many users there are. When version 1.5 was released, there were a million downloads during the first 24 hours, so apparently, there are a few of us out here. That doesn't count people like me who download one copy and load onto 4 computers here at home, and about 10 at work.
17
posted on
12/08/2005 5:04:03 PM PST
by
zeugma
(Warning: Self-referential object does not reference itself.)
To: zeugma
I prefer Knoppix for that kind of thing. Is that from Germany, or where? Don't you have to burn a new CD every time there's a security patch? Such as if your firefox on your bootable knoppix needed this patch, you'd have to make a whole new cd wouldn't you?
To: ThinkDifferent
Update: Slashdot posters are reporting similar behavior. The exploit doesn't crash Firefox, but it can make it take a long time to read the history file and thus appear to have hung. It's unlikely that this is an actual security threat, although it could be annoying.Good to know. I would imagine in that case, that a quick fix if you got bitten by this would be to simply clear your history.
I figure it's better safe than sorry with this type of thing. Better to post, then clarify as more information is forthcoming.
19
posted on
12/08/2005 5:06:49 PM PST
by
zeugma
(Warning: Self-referential object does not reference itself.)
To: tubebender
20
posted on
12/08/2005 5:06:58 PM PST
by
steveo
(Merry Christmas everybody!)
Navigation: use the links below to view more comments.
first 1-20, 21-40, 41-60, 61-80 ... 141-158 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson