It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

SCI/TECH: Critical Flaw Plagues Mozilla

page: 1
0

log in

join
share:

posted on Jan, 13 2005 @ 01:07 AM
link   
A critical flaw has been found in the Mozilla suite browsers. This does not include the standalone Firefox browser. The flaw is found on all suites before version 1.7.5. Those who are running these versions of the browser are encouraged to download the latest version from the listed URL.
 



www.vnunet.com
Security experts have found a critical flaw in the Mozilla browser, days after the disclosure that the Firefox browser was vulnerable to phishing scams.

The flaw is in the browser's handling of the Network News Transfer Protocol (NNTP), which is used to post and distribute Usenet messages. All Mozilla browsers before version 1.7.5 have the flaw.

In order to exploit the flaw hackers would have to craft a long news:// address and which would crash the application and possibly allow code to be inserted onto the target machine.

"I found a flaw in NNTP handling code which may cause heap overflow and allow remote attacker to execute arbitrary code on client machine," said Maurycy Prodeus, from security firm iSEC security research.




Please visit the link provided for the complete story.


I just uninstalled Mozilla 1.0 from my computer. I had downloaded it to play around with it a little to compare it to IE. The new version on the site is 1.7 and I'm not sure if that is a vulnerable version or not. Everyone who runs Firefox should be aware of this. I'm not saying that this is worse than any of the IE flaws, but it sure proves that Firefox is not as safe as some have claimed.

Related News Links:
techrepublic.com.com
www.osdir.com
www.pcworld.com
www.businessweek.com

Related AboveTopSecret.com Discussion Threads:
For all you Firefox Mozilla Lovers out there who like to Dis IE

[edit on 13-1-2005 by Banshee]




posted on Jan, 13 2005 @ 03:32 AM
link   
Just a heads up Grady, but they are talking about the Mozilla Suite NOT Firefox which is still at 1.0. I have been using Mozilla software for 8 months now and the number of popups and spyware has gone down 100 %. Yup thats right completely gone! As opposed to IE where i got adware/spyware pretty much weekly as I usually left my comp on. Now I have little to worry about because as soon as a crit flaw is found it is fixed much more quickly then the alternatives. The reason I believe Mozilla software is more secure is the number of eyeball/hours that is sunk into coding, debugging and testing. Not to mention quick rollout of release candidates and official patches, much faster then MS IMHO.

[edit on 13-1-2005 by sardion2000]



posted on Jan, 13 2005 @ 06:49 AM
link   
"What´s mozilla, I aint never heard about it before,"

"ahem, excuse me mr. president,"...whisper..whisper

"What the hell! Free you say, FREE!?? ,"

"yes..and," ...whisper..whisper

"WE CAN´T TAX IT!!!!!!!! THAT´S GOD DAMN UNAMERICAN, WHERES MY BLASTED LAW BOOK, there´s gotta be something in there covering this type of BLASPHEME,"



posted on Jan, 13 2005 @ 10:23 AM
link   


love the post, president_bush


despite potential flaws, mozilla is definitly more user-friendly than IE. hey, it's free and not tied to the hegemon that is microsoft. give it some time to work out the gliches.



posted on Jan, 13 2005 @ 10:32 AM
link   
Thanks for the heads up, but there may be those who use Mozilla suite who will need this information. It's not the worst of flaws, but it is something to be aware of. According to some write-ups, the fix will come out with the next version.



posted on Jan, 13 2005 @ 10:46 AM
link   

Originally posted by GradyPhilpott
Thanks for the heads up, but there may be those who use Mozilla suite who will need this information. It's not the worst of flaws, but it is something to be aware of. According to some write-ups, the fix will come out with the next version.


Oh don't get me wrong I totally agree, but seeing that this isn't all too bad it might not be patched for at least a couple of weeks at most. Severe problems get patched in days not weeks like MS.



posted on Jan, 13 2005 @ 11:34 AM
link   
How many of you use mozzila to get data from news:// sites anyway?



posted on Jan, 13 2005 @ 11:43 AM
link   

Originally posted by HowardRoark
How many of you use mozzila to get data from news:// sites anyway?



Umm whats a news:// site. I have never seen that prefix before, is it new? Or really old and obscure?



posted on Jan, 13 2005 @ 03:34 PM
link   
Saving of the favorites folder is of vital importance. When I upgraded Mozilla, all the favorites were deleted, gone, nowhere to be found. This was the toolbar favorites as well.



posted on Jan, 13 2005 @ 03:45 PM
link   

Originally posted by websurfer
Saving of the favorites folder is of vital importance. When I upgraded Mozilla, all the favorites were deleted, gone, nowhere to be found. This was the toolbar favorites as well.


That was in FireFox beta I believe, doesn't happen to me anymore when I upgraded from 1.0PR 1.0Full



new topics

top topics



 
0

log in

join