 Critical Flaw Found In Firefox |
|
|
|
|
  |
 May 11 2005, 02:34 PM
Post
#1
|
|
|
Super Member  Group: [HOSTED] Posts: 522 Joined: 25-April 05 Member No.: 4,374  |
I don't want to spam by posting the entire article but this was brougt to my attention by an email posting at work. Since I have not seen it in this thread here it is. The full atricle can be found at http://news.yahoo.com/s/pcworld/120756
"Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned. The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system." Security focus also has a note http://www.securityfocus.com/advisories/8430 |
 |
 
|
|
May 11 2005, 05:53 PM
Post
#2
|
|
|
PsYcheDeLiC dR3aMeR  Group: Admin Posts: 2,242 Joined: 29-January 05 From: Nakorn Chaisri, Thailand Member No.: 2,411 |
This only affects Firefox browsers v1.0.2 and down.. The exploits reported there have been found long long back and this report is just a summarization of all of them and explains what the combined impact of these could be.. nothing to fear for people who updates their Firefox regularly..
QUOTE -------------------------------------------------------------------
Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/mozilla-firefox < 1.0.3 >= 1.0.3 2 www-client/mozilla-firefox-bin < 1.0.3 >= 1.0.3 3 www-client/mozilla < 1.7.7 >= 1.7.7 4 www-client/mozilla-bin < 1.7.7 >= 1.7.7 ------------------------------------------------------------------- 4 affected packages on all of their supported architectures. ------------------------------------------------------------------- Source: http://www.securityfocus.com/advisories/8430 |
|
|
|
|
May 11 2005, 07:56 PM
Post
#3
|
|
|
Teh Teckeh Trekkeh  Group: Members Posts: 682 Joined: 8-September 04 From: Scotland, UK Member No.: 389 |
Yes Firefox is rated extremely critical right now but 1.0.4 is ready just about ready to ship.
*Plays Back to the future 3 theme (It relates, its like the cavalry charging in, mozilla in this case) But UMO (update.mozilla.org) has been changed so that one of the two patches has been nullified right where it stands so the warning arent as high as people claim and Firefox will still get to the top! Better to patch often than once a year like IE! |
|
|
|
|
May 13 2005, 07:21 AM
Post
#4
|
|
|
Way Out Of Control - You need a life :) Group: Members Posts: 1,366 Joined: 14-September 04 From: Nottingham England Member No.: 570 |
Fortunatly, i think the exploits are OS specific.
i tried my firefox againsed the proof of concept domo's and i passed, even when running a vunerable version. or maybe i accidently ompiled it without a feature the exploit needs, who knows, lol. |
|
|
|
|
May 13 2005, 07:35 AM
Post
#5
|
|
|
PsYcheDeLiC dR3aMeR Group: Admin Posts: 2,242 Joined: 29-January 05 From: Nakorn Chaisri, Thailand Member No.: 2,411 |
Have you guys noticed one thing - how quickly these rebuilds of FireFox comes out ?? I mean even before the exploit issue became WIDELY KNOWN through news media and forum posts, my FireFox Update Icon started glowing red and I had it all nicely patched up - even before tansgrx made this post.. lol.. That's what I love about open source
 Long Live The Fiery FOX !! |
|
|
|
|
May 13 2005, 09:44 AM
Post
#6
|
|
|
Teh Teckeh Trekkeh Group: Members Posts: 682 Joined: 8-September 04 From: Scotland, UK Member No.: 389 |
They went at some speed through the Release candidates from what I could see, there was like 60 builds taken in one day and they came to the end pretty darn fast. 1.1 is supposed to have a patch system now instead of a whole new browser.
|
|
|
|
 |
Similar Topics
|
Lo-Fi Version | Time is now: 8th September 2008 - 11:26 AM |