WTF ... IS WTF!?
We are a collective of people who believe in freedom of speech, the rights of individuals, and free pancakes! We share our lives, struggles, frustrations, successes, joys, and prescribe to our own special brand of humor and insanity. If you are looking for a great place to hang out, make new friends, find new nemeses, and just be yourself, WTF.com is your new home.

'Extremely Critical' Bugs Found In Firefox

gurlgonewild

Was machen Sie?
1,086
0
0
#1
for entire article: http://informationweek.com/story/showArticle.jhtml?articleID=163100338

'Extremely Critical' Bugs Found In Firefox

A pair of unpatched vulnerabilities in Mozilla's Firefox browser could allow an attacker to take control of a PC simply by getting a user to visit a malicious Web site, Mozilla says.


[font=geneva,arial,helvetica]By Gregg Keizer
May 9, 2005
[/font]
A pair of unpatched vulnerabilities in Mozilla's Firefox Web browser -- rated as "extremely critical" by one security firm -- could allow an attacker to take control of a PC simply by getting a user to visit a malicious Web site, Mozilla said Sunday.

Because proof-of-concept code has been leaked -- as were the vulnerabilities -- before a patch was ready, Mozilla recommended that Firefox users either disable JavaScript or lock down the browser so it doesn't install additional software, such as extensions" or themes, from Web sites.

The vulnerabilities were discovered by a pair of security researchers, who had notified Mozilla earlier in the month, but were keeping mum until a patch was written. However, details of the vulnerabilities were leaked by someone close to one of the researchers.
Doh!
 

JLXC

WTF's Official Conspiracy Fanatic
Premium
7,550
264
302
#2
Ouch. Nothing is immune to being hacked, nothing.
 

Jung

???
Premium
13,993
1,401
487
#3
JLXC said:
Ouch. Nothing is immune to being hacked, nothing.
Quite obviously. BUT, those bugs were fixed by the time the 'proof of concept' exploit was released. That's the major difference in the open source world and proprietary software. This security hole was fixed within a day, on Mozilla's site, where as IE exploits from 6 months ago are still unaddressed.

https://do-not-add.mozilla.org/extensions/?application=firefox