Sunday, February 10th 2008

Firefox 2.0.0.12 Still Vulnerable to Hacks

Just a few hours after Mozilla promised the public they were safe from hackers while using Firefox 2.0.0.12, a hacker went and found a way around the patch. The hacker, named Ronald van den Heetkamp, has this to say to the Firefox developer team.
Don't patch vulnerabilities for fifty percent, take the time and fix the cause. Because directory traversal through plugins is all nice and such, we don't need it. We can trick Firefox itself in traversing directories back. I found another information leak that is very serious because we are able to read out all preferences set in Firefox, or just open or include about every file stored in the Mozilla program files directory, and this without any mandatory settings or plugins.
Ronald van den Heetkamp recommends installing the NoScript add-on, or simply using an alternative browser, until Mozilla fixes this bug.Source: Neowin.net
Add your own comment

8 Comments on Firefox 2.0.0.12 Still Vulnerable to Hacks

#1
Dangle
I thought IE was the only browser vulnerable to hax. Guess Ravenas was wrong.
Posted on Reply
#2
Ravenas
by: Dangle
I thought IE was the only browser vulnerable to hax. Guess Ravenas was wrong.
What?
Posted on Reply
#3
btarunr
Editor & Senior Moderator
:laugh: the thumb-rule wins again, that if something is popular, it faces security vulnerabilities. Mozilla is faced with the same and from what I hear they're working harder (than MS) and are still falling short of the resources to quickly address security issues. Go Opera :cool:
Posted on Reply
#4
Ravenas
by: btarunr
:laugh: the thumb-rule wins again, that if something is popular, it faces security vulnerabilities. Mozilla is faced with the same and from what I hear they're working harder (than MS) and are still falling short of the resources to quickly address security issues. Go Opera :cool:
Or Safari :)
Posted on Reply
#5

Great...

Ahh anyway I have NoScript!
#6
pabloc74
i still waiting firefox 3.*:ohwell:
Posted on Reply
#7
1c3d0g
by: btarunr
:laugh: the thumb-rule wins again, that if something is popular, it faces security vulnerabilities. Mozilla is faced with the same and from what I hear they're working harder (than MS) and are still falling short of the resources to quickly address security issues. Go Opera :cool:
No one claimed Firefox is flawless, but they do address and fix security issues faster than most companies.
Posted on Reply
#8
cool_recep
I can't hear Firefox fans. heheh....

Are you there?

[I use Firefox ATM but Opera is better]
Posted on Reply