|
Critical Firefox flaw exposed (pg. 2)
|
View this Thread in Original format
| sensorium |
| quote: | Originally posted by _Nut_
I wonder if this carries through to Firefox2? |
Judging by the concern the Mozilla security staffer showed, it seems likely.
Plus, how can the Mozilla team have fixed something they were unaware of? |
|
|
| Lilith |
Using java too hack and hijack browsers isnt exactly a new thing.
Guess if you where that paranoid about it all then turn off javascript or limit what it can do in the browsers options. |
|
|
| kadomony |
| quote: | Originally posted by jennypie
Haha! Spiegelmock!! LOLOLOLOL |
hahahah Windows Synder! OLOL |
|
|
| biznology |
sounds like a javascript issue, and firefox has a proggie to deal with java allowance.
its annoying, but it saves a lot of grief| |
|
|
| Sushipunk |
Thanks Nou, I just installed opera now.
Nice! :) |
|
|
| Igaryok |
| quote: | Originally posted by Sushipunk
Thanks Nou, I just installed opera now.
Nice! :) |
Opera is sweet, but it gets annoying when it doesn't work right with certain web pages. |
|
|
| _Nut_ |
| quote: | Originally posted by biznology
sounds like a javascript issue, and firefox has a proggie to deal with java allowance.
its annoying, but it saves a lot of grief| |
ScriptBlocker. Live by it and love it!! :) |
|
|
| Silky Johnson |
| quote: | Originally posted by kadomony
hahahah Windows Synder! OLOL |
:haha: |
|
|
| kid nyce |
To me sounds like the dude got paid to say that and told FF/Mozilla what the flaw was and how to patch it.
he must have a nice lump of cash in his account now =) |
|
|
| DOOMBOT |
| quote: | The Firefox exploit that wasn't - Hackers backpedal
Humphrey Cheung
October 3, 2006 20:01
San Diego (CA) - The much reported Firefox vulnerabilities and exploits from the Toorcon computer security conference appear to be greatly exaggerated. A pair of hackers claimed to have found 30 undisclosed vulnerabilities on the popular browser and even boasted that they could execute malicious code. Now, one of the hackers, Mischa Spiegelmock, has apologized for the talk, saying that its main purpose was "to be humorous".
Spiegelmock and another hacker going by the pseudoname "Andrew Wbeelsoi" spoke to a packed audience on Saturday and talked about a Javascript vulnerability that could overload the stack and then allow remote code execution. Immediately Mozilla officials and other hackers worked to replicate the vulnerability and patch the code.
But it turns out that there was no such vulnerability. Spiegelmock emailed Mozilla a statement which has now been posted on their Mozilla website. He says that the talk was meant to be entertaining and "humorous" and that the exploit code did not give remote execution privileges to a hacker. He adds, "I do not have 30 undisclosed Firefox vulnerabilties".
The Firefox browser has become a very successful alternative browser for people who are tired of Microsoft Internet Explorer. In some markets, the award winning browser has a higher share than IE.
Despite the exaggerations, Mozilla is leaving nothing to chance and Window Snyder, Mozilla's chief of security says, "We still take this issue seriously. We will continue to investigate." |
|
|
|
|
|
