Mozilla to fix 9-month-old JAR URL handling bug

  2007-11-20 06:30:03
The XSS flaw, found in the Firefox JAR URL handler, is a problem child endemic to just about anything Web 2.0. Mozilla is working to fix a flaw in the JAR URL handler that could leave Firefox users open to cross-site scripting attacks that are impossible for anti-virus programs to prevent. It turns out that the vulnerability, first reported in February by Jesse Ruderman, is far more serious than first realized. In fact, it turns out to be endemic to"almost everything that smells like Web 2.0," security researcher Petko D. Petkov, also known as"pdp" of GNUCitizen, wrote in a Nov. 7 posting. 
  PNG Image  PNG Image  PNG Image
  Related tags  


This particular article has been collected via RSS syndication. We apologize if it's too brief.
If You wish to publish articles on LinuxStreet.net please contact us.


  Similar articles found on LinuxStreet  
ImageMozilla Messaging patches Thunderbird bugs
ImageGNUmed 0.2.8.0 released
ImageMozilla finally renovates Firefox add-on site
ImageMozilla Weave... Mozilla is trying to be more social
ImageA first look at the Firefox 3 visual refresh for Linux
ImageMozilla Weave Adds a Few Stitches
ImageMozilla Thunderbird to Find New Home as Mozilla Foundation Focuses on Mozilla Fi ...
ImageSpeed Up Firefox web browser
ImageMozilla Foundation Searching for Executive Director to Replace Frank Hecker
ImageMozilla Discloses 2005 Revenues: $53M

Leave a comment on this article


Captcha

  
Check this if the code you see is not readable and resubmit the form.
(Data you entered will be preserved)



  

Comments (0)





© 2006-2008 LinuxStreet | Valid CSS | Valid XHTML | Service | Privacy | Add to Favorites
Currently 13 visitor(s) online | Page generated in 0.1603s | SQL Queries: 5 | Powered by SharkCMS