• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Firefox 2.0.0.12 Still Vulnerable to Hacks

Joined
Jan 29, 2006
Messages
9,066 (2.07/day)
Likes
287
Location
My house.
Processor AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard Gigabyte sumthin-or-another, it's got an nForce 430
Cooling Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory 2GB G.Skill DDR2 800
Video Card(s) Sapphire X850XT @ 580/600
Storage WD 160 GB SATA hard drive.
Display(s) Hanns G 19" widescreen, 5ms response time, 1440x900
Case Thermaltake Soprano (black with side window).
Audio Device(s) Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply ThermalTake 430W TR2
Software XP Home SP2, can't wait for Vista SP1.
#1
Just a few hours after Mozilla promised the public they were safe from hackers while using Firefox 2.0.0.12, a hacker went and found a way around the patch. The hacker, named Ronald van den Heetkamp, has this to say to the Firefox developer team.
Don't patch vulnerabilities for fifty percent, take the time and fix the cause. Because directory traversal through plugins is all nice and such, we don't need it. We can trick Firefox itself in traversing directories back. I found another information leak that is very serious because we are able to read out all preferences set in Firefox, or just open or include about every file stored in the Mozilla program files directory, and this without any mandatory settings or plugins.
Ronald van den Heetkamp recommends installing the NoScript add-on, or simply using an alternative browser, until Mozilla fixes this bug.

Source: Neowin.net
 

Dangle

New Member
Joined
Dec 13, 2007
Messages
497 (0.13/day)
Likes
15
Location
Reno
System Name Vista
Processor Q6600
Memory 2GB Corsair 800mhz
Video Card(s) 2900XT
Storage 300GB 7.2kRPM Seagate for OS; 74GB 10kRPM WD for Games
Audio Device(s) XFi
Power Supply 750W
#2
I thought IE was the only browser vulnerable to hax. Guess Ravenas was wrong.
 
Joined
May 24, 2007
Messages
4,720 (1.21/day)
Likes
354
Location
Tennessee
System Name AM3+
Processor AMD FX-8350 @ 4715.73 MHz (23.5*200.63 MHz)
Motherboard ASUS Crosshair V Formula-Z AM3+ AMD 990FX SATA 6Gb/s USB 3.0 ATX AMD Motherboard
Cooling AMD 8150 Factory Water Cooler
Memory Corsair XMS3 16 GB 1333 MHz PC3-10666 240-Pin DDR3
Video Card(s) ASUS ROG MATRIX-R9290X-P-4GD5 Radeon R9 290X 4GB 512-Bit GDDR5 PCI Express 3.0
Storage SanDisk Ultra II 480GB, INTEL SS DSC2BW240A4, Western Digital WDC WD50 00AAKX-003CA0
Display(s) Acer S211HL bd 21.5-Inch Widescreen Ultra-Slim LED Display - Black
Case COOLER MASTER Elite 335 Upgraded RC-335U-KKN1 Black Steel / Plastic ATX Mid Tower Computer Case
Power Supply Corsair RM Series 850 Watt ATX/EPS 80PLUS Gold-Certified Power Supply - CP-9020056-NA RM850
Software Windows 10.0 Pro 64 Bit
#3

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
34,486 (9.18/day)
Likes
17,517
Location
Hyderabad, India
#4
:laugh: the thumb-rule wins again, that if something is popular, it faces security vulnerabilities. Mozilla is faced with the same and from what I hear they're working harder (than MS) and are still falling short of the resources to quickly address security issues. Go Opera :cool:
 
Joined
May 24, 2007
Messages
4,720 (1.21/day)
Likes
354
Location
Tennessee
System Name AM3+
Processor AMD FX-8350 @ 4715.73 MHz (23.5*200.63 MHz)
Motherboard ASUS Crosshair V Formula-Z AM3+ AMD 990FX SATA 6Gb/s USB 3.0 ATX AMD Motherboard
Cooling AMD 8150 Factory Water Cooler
Memory Corsair XMS3 16 GB 1333 MHz PC3-10666 240-Pin DDR3
Video Card(s) ASUS ROG MATRIX-R9290X-P-4GD5 Radeon R9 290X 4GB 512-Bit GDDR5 PCI Express 3.0
Storage SanDisk Ultra II 480GB, INTEL SS DSC2BW240A4, Western Digital WDC WD50 00AAKX-003CA0
Display(s) Acer S211HL bd 21.5-Inch Widescreen Ultra-Slim LED Display - Black
Case COOLER MASTER Elite 335 Upgraded RC-335U-KKN1 Black Steel / Plastic ATX Mid Tower Computer Case
Power Supply Corsair RM Series 850 Watt ATX/EPS 80PLUS Gold-Certified Power Supply - CP-9020056-NA RM850
Software Windows 10.0 Pro 64 Bit
#5
:laugh: the thumb-rule wins again, that if something is popular, it faces security vulnerabilities. Mozilla is faced with the same and from what I hear they're working harder (than MS) and are still falling short of the resources to quickly address security issues. Go Opera :cool:
Or Safari :)
 

pabloc74

New Member
Joined
Feb 11, 2008
Messages
184 (0.05/day)
Likes
11
Location
Argentina
System Name Pabloc74
Processor i7 920
Motherboard Asus P6T Deluxe V2
Cooling Corsair H50
Memory Gskill 6gb Trident 2000mhz
Video Card(s) Sapphire 5870 Vapor-X
Storage Corsair Force GT 120gb + Samsung F1 1tb
Display(s) Samsung T260
Case Corsair Obsidian
Audio Device(s) X-Fi Titanium Fatality
Power Supply Corsair HX1000
Software Windows 7 Ultimate x64
Benchmark Scores no benchs!, machine use for gaming only!
#7
i still waiting firefox 3.*:ohwell:
 
Joined
Dec 9, 2007
Messages
746 (0.20/day)
Likes
88
#8
:laugh: the thumb-rule wins again, that if something is popular, it faces security vulnerabilities. Mozilla is faced with the same and from what I hear they're working harder (than MS) and are still falling short of the resources to quickly address security issues. Go Opera :cool:
No one claimed Firefox is flawless, but they do address and fix security issues faster than most companies.
 
Joined
Oct 2, 2005
Messages
351 (0.08/day)
Likes
66
Location
Istanbul/Turkey
System Name GS43VR 7RE
Processor Core i7 7700HQ
Motherboard MSI GS43VR 7RE
Cooling Stock
Memory 8 GB DDR4 2400 MHz
Video Card(s) GTX 1060
Storage Samsung 950 PRO
Display(s) 14" IPS
Case Metal
Audio Device(s) Realtek ALC 898
Power Supply Adapter
Mouse Rival 100
Keyboard SteelSeries
Software Windows 10 Version 1703
#9
I can't hear Firefox fans. heheh....

Are you there?

[I use Firefox ATM but Opera is better]