Nov 22, 2009

Critical Flaw Found In Firefox

 		free web hosting
Open Discussion & Free Web Hosting > Computers & Tech > Security issues & Exploits

Critical Flaw Found In Firefox

tansqrx
May 11 2005, 02:34 PM
I don't want to spam by posting the entire article but this was brougt to my attention by an email posting at work. Since I have not seen it in this thread here it is. The full atricle can be found at http://news.yahoo.com/s/pcworld/120756

"Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned.

The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system."

Security focus also has a note

http://www.securityfocus.com/advisories/8430

Comment/Reply (w/o sign-up)

miCRoSCoPiC^eaRthLinG
May 11 2005, 05:53 PM
This only affects Firefox browsers v1.0.2 and down.. The exploits reported there have been found long long back and this report is just a summarization of all of them and explains what the combined impact of these could be.. nothing to fear for people who updates their Firefox regularly..

QUOTE
    -------------------------------------------------------------------
    Package                        /  Vulnerable  /      Unaffected
    -------------------------------------------------------------------
  1  www-client/mozilla-firefox          < 1.0.3            >= 1.0.3
  2  www-client/mozilla-firefox-bin      < 1.0.3            >= 1.0.3
  3  www-client/mozilla                  < 1.7.7            >= 1.7.7
  4  www-client/mozilla-bin              < 1.7.7            >= 1.7.7
    -------------------------------------------------------------------
    4 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Source: http://www.securityfocus.com/advisories/8430

 

 

 


Comment/Reply (w/o sign-up)

Trekkie101
May 11 2005, 07:56 PM
Yes Firefox is rated extremely critical right now but 1.0.4 is ready just about ready to ship.

*Plays Back to the future 3 theme (It relates, its like the cavalry charging in, mozilla in this case)

But UMO (update.mozilla.org) has been changed so that one of the two patches has been nullified right where it stands so the warning arent as high as people claim and Firefox will still get to the top! Better to patch often than once a year like IE!

Comment/Reply (w/o sign-up)

qwijibow
May 13 2005, 07:21 AM
Fortunatly, i think the exploits are OS specific.
i tried my firefox againsed the proof of concept domo's and i passed, even when running a vunerable version.

or maybe i accidently ompiled it without a feature the exploit needs, who knows, lol.

Comment/Reply (w/o sign-up)

miCRoSCoPiC^eaRthLinG
May 13 2005, 07:35 AM
Have you guys noticed one thing - how quickly these rebuilds of FireFox comes out ?? I mean even before the exploit issue became WIDELY KNOWN through news media and forum posts, my FireFox Update Icon started glowing red and I had it all nicely patched up - even before tansgrx made this post.. lol.. That's what I love about open source smile.gif

Long Live The Fiery FOX !!

Comment/Reply (w/o sign-up)

Trekkie101
May 13 2005, 09:44 AM
They went at some speed through the Release candidates from what I could see, there was like 60 builds taken in one day and they came to the end pretty darn fast. 1.1 is supposed to have a patch system now instead of a whole new browser.

Comment/Reply (w/o sign-up)

Got an Opinion! Express your Views! (no registration):-
Add your Reply/ Opinion/ Views/ Comments/ Suggestion/ Questions/ Queries etc.
Posts with decent grammar & English will be accepted and please refrain from profanities.
For asking a Question, We recommend you to sign-up (for free) so that you can track the topic easily.
Nature of your Post*: Opinion/ Reply/ Comments
Question/Query
Feedback to us.
       
Name   Email
Title/Question*

This textarea will convert to Rich-Text automatically (IE, Firefox, Chrome)

Similar Topics

Keywords : critical, flaw, found, firefox

  1. Critical Bug In Yahoo! Messenger Webcam Activex
    (3)
  2. Foxtorrent: Download Torrents From Within Firefox
    (1)
    Hey! Good news ! for all torrent users !!! QUOTE Tech-buzz.net have just shared details of a
    new torrent extension for Firefox caled FoxTorrent, that has been leaked by Redswoosh. FoxTorrent
    does all the usual things we have come to expect from a torrent service. However it has one feauture
    that I think many people will find useful. It can play streamable media (e.g. .WMV, .MOV, .MP3)
    files as your torrent downloads and can download torrents at a greater speed by using BitTorrent and
    Redswoosh at the same time. There are some restrictions on the beta like only b....
  3. How To Double Firefox Speed
    (5)
    1. Type about:config in the address bar and then press Enter. 2. In the filter search bar type
    network.http.pipelining . Be sure the value field is set true ,if not double-click to set true .
    3. Go back to the filter search bar and type network.http.pipelining.maxrequests . Double-click
    this option and set its value to 8 . 4. In the filter search bar and type
    network.http.proxy.pipelining . Once opened double-click on it and set it to true . 5. In
    IPv6-capable DNS servers, an IPv4 address may be returned when an IPv6 address is requested. It is
    possible for Mozi....
  4. Microsoft Xmlhttp Activex Control Code Execution Vulnerability
    Extremely critical (0)
    Another vulnerability to XP has been found by Security research firm Secunia. QUOTE
    Description: A vulnerability has been reported in Microsoft XML Core Services, which can be
    exploited by malicious people to compromise a users system. The vulnerability is caused due to an
    unspecified error in the XMLHTTP 4.0 ActiveX Control. Successful exploitation allows execution of
    arbitrary code when a user e.g. visits a malicious website using Internet Explorer. NOTE: The
    vulnerability is already being actively exploited. QUOTE Solution: Microsoft has recommended
    va....
  5. Ld Window Injection Flaw Reappears In Ie 7
    Flaw reappeared again (7)
    I just read an article on eWEEK about a vulnerability that was in 2004 is still present in the
    latest Internet Explorer 7.The flaw is rated as moderately critical by Secunia. Here is a short
    discription about the problem QUOTE "The problem is that a Web site can inject content into
    another site's window if the target name of the window is known," said Secunia, in Copenhagen,
    Denmark. Quote From eWeek. Do you think IE is going to be a secure browser?....
  6. New Firefox Update 1.5.0.4
    (10)
    This update fixes several security issues found in firefox such as HTTP smuggling and XSS issues.
    It also improves stability with updates to memory and crashin issues. Unfortunately, it does not
    fix the javascript issue I have identified. To get or for more info go to the update page . ~Viz....
  7. Hackers Publish Code For Critical Ie Bug
    (0)
    security researchers in the U.K. have now published "proof of concept" code for unpatched bug in
    the way Microsoft Internet Explorer browser handles the JavaScript computer language. It shows
    how hackers could exploit the problem and possibly take over a Windows system. According to Russ
    Cooper, this vulnerability has been around since May. the malicious code can be launched by just
    one simple click on a Web link. All users of Internet Explorer version 5.5 and 6.x are affected by
    the vulnerability you may turn off JavaScript in Internet Explorer's Internet....
  8. Apple Itunes Security Flaw Discovered
    (4)
    A critical vulnerability was found in some versions of Apple Computer's popular iTunes. This
    vulnerability could enable attackers to remotely take over a user's computer This vulnerability
    existed on the earlier version of iTunes 6. However, Itwas not fixd by the newest security update.
    iTunes 6 Windows version are affected. They are still trying to determine whether Mac OS X version
    affected. http://news.com.com/Apple+iTunes+security+...ml?tag=nefd.top ....
  9. Microsoft Critical Patch Can Cause Serious Problem
    (8)
    Installing the patch (MS05-051), which was released Tuesday to fix four Windows flaws in Windows
    2000, Windows XP and Windows Server 2003 is causing serious problems for some users. according to
    C|Net News.com, users will be locked out of their PC, the Windows Firewall wont be started, certain
    applications may be blocked from running or installing, and the network connections folder will be
    emptied. This happen only when you change the default permission settings on a Windows directory.
    The solution is unstall this patch or restore the default permissions for t....
  10. Update Your Firefox!
    Another flaw has been found in Firefox (8)
    Another flaw has been found in Firefox browser. This exploit affects Unix/Linix systems, not
    Windows. And the latest version 1.07 contains a fix. You guys, who are using older version in
    Unix/Linix systems, should update your firefox as soone as possible. It shows that firefox is just
    not saft enough. It has good track record just simply because it wasn't used enough. Firefox
    browser is as vulnerable as any other popular browser on the market.....
  11. Firefox Speed Tweaks
    How to make Firefox open websites faster (16)
    Note: The one posted here is not the same thing. This one has been tested and increases the
    speed, an update to perform these same steps is avalailable on the mozilline.org forums as well.
    Type in the Address Bar - about:config Then scroll over to the following settings and adjust:
    network.http.max-connections :40 network.http.max-connections-per-server :20
    network.http.max-persistent-connections-per-server :20 network.http.pipelining :True
    network.http.pipelining.maxrequests :32 network.http.proxy.pipelining :True Taken from here ....
  12. Another Vulnerability Was Found In Firefox
    (8)
    http://secunia.com/advisories/14820/ It is about JavaScript Engin, This vulnerability is rated as
    Moderately critical. System information will be exposured to malicious people. Patch has not
    available yet. The vulnerability has been confirmed in versions 1.0.1 and 1.0.2 Does turning off
    the java script help in this suitation???? Firefox does has much user as IE, but more and more
    vulnerability are found. I remember that some people said firefox is the most securest internet
    browser. How about now??....
  13. Microsoft's security program manager...
    use firefox ???? (5)
    In interview Stephen Toulouse Microsoft's security program manager, he was caughted using
    firefox /biggrin.gif" style="vertical-align:middle" emoid=":D" border="0" alt="biggrin.gif" />,
    maybe ie really sucks, themselves not dare to use it... and beside it have 102012923239231 security
    holes... QUOTE Meanwhile, Firefox and Opera look awfully appealing. Security is really an
    industry-wide problem. Just this morning I had to install an update to Firefox to block a flaw
    that would've allowed an attacker to run a program on my system. http://www.wired....


      14. Looking for critical, flaw, found, firefox

See Also,

*SIMILAR VIDEOS*
Searching Video's for critical, flaw, found, firefox
advertisement



Critical Flaw Found In Firefox

Affordable Web Hosting, Low cost Web Hosting - ComputingHost.com