Firefox 2.0.0.5 Risk

by Gayla Baer

According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw.

The Mozilla team fixed a similar flaw last November, one which did not require JavaScript. The heise Security Web site contains a demo/proof of concept of the vulnerability risk that you can use to determine your vulnerability.

source

Tags: , , ,

Related posts:

  1. My name is Gayla and I’m a Firefox addict
  2. Keep Your Personal Information Safe Online
  3. MomGadget Contest – Internet Password Organizer
  4. And The Winners of the Internet Password Organizers Are..
  5. Protecting your identity

Tagged as: Disclosure, flaw, full disclosure, list, MAILING, management risk, mozilla team, password, proof of concept, vulnerability risk

{ 2 comments… read them below or add one }

Angela July 23, 2007 at 6:47 pm

Thank you so much for writing about this one Gayla!! I think you just saved me from a huge head ache!!

Heather Bixler July 23, 2007 at 9:17 pm

Yes, thanks for the heads up! I will be changing that funtion on my browser! :)

Leave a Comment

Previous post:

Next post:


Links monetized by Kontera.com Amazon.com cj.com VigLink