2005-01-07/Security Issues in Mozilla

  • Thread starter Thread starter ic
  • Start date Start date
ic

ic

MyBroadband
Super Moderator
Joined
Nov 8, 2004
Messages
14,812
Reaction score
268
Location
A nearby event horizon
2005-01-07/Security Issues in Mozilla, FireFox & ThunderTweety

Full Story: 2005-01-07/Security Issues in Mozilla
"SecurityFocus has released a security warning with three problems that affect Mozilla on all platforms. The first issue allows the source of a download to be spoofed, generating a fake URL. This security issue is really easy to replicate: Create a long URL and the downloading box will only display its ending (Mozilla and Firefox). The second issue was created by the way that Mozilla's browsers handle news:// links to newsgroups, hackers can easily create false links and create a buffer overflow (Mozilla 1.7.5 and below, Firefox versions before 1.0). The third exploit affects machines with multiple users. The way that Firefox and Thunderbird store files allows every user to see them and to probably catch the other user's surfing habits (Firefox and Thunderbird). Let's hope that these will be fixed soon!"
Click to expand...
 
Last edited:
Update

Probably a good reason to be running Mozilla 1.7.5 or Firefox 1.0, which corrects these issues. See the actual security advisory referenced in the slashdot article.

If the gentle reader is running SuSE Linux 9.0, I have not noticed the update to 1.7.5 on the YaST Online Update. I used the RPM available at ftp://ftp.suse.com/pub/projects/mozilla/. If you do too, you may need to adjust your Launch Feedback in the KDE Control Centre.
 
Last edited:
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X