May 9, 2005

Firefox -- first Vulnerabilities found

Firefox is the open source web browser, part of the Mozilla project. Immensely popular (over 50 million downloads so far) and one of its claims to fame is that being a different set of code from internet Explorer, it was immune to the various nasties that attack browsers (browser hijack, mal-ware, malicious pop-ups, zombie takeovers, etc...) Here is a website that offers information on what may be the first known vulnerabilities to Firefox.
Firefox Vulnerabilities: The Official Word
Mozilla acknowledged that there are flaws in Firefox that can make things uncomfortable for the users of the open-source browser.

Although there have been no reports of systems falling victim because of the vulnerabilities, the potential for cross-site scripting attacks prompted Secunia to slap an "extremely critical" rating on the bugs. Web surfers this weekend got a taste of how damaging a successful attack can be to with a proof of concept as well as the release of exploit code by the Greyhats Security Group, according to an InternetNews report.

Today, Mozilla posted a security advisory summarizing the nature of the flaws as well as ways to cut the chances of an unfortunate run-in with a maliciously coded website.
The website gives a link to a dummy malicious website that you can use to test your copy of Firefox. Overall, Firefox is a great browser -- there are a few things that it would not do so I am still sticking with IE for the moment but I am looking at it with each new version. Opera is an alternative browser to check out too -- commercial but worth a look... Posted by DaveH at May 9, 2005 10:02 PM
Comments
Post a comment









Remember personal info?