Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 21 Dec 2014, 14:10
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Announcements
Firefox suffers first 'extremely critical' security hole
Moderators: Flash, Ian, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
babbs


Joined: 10 May 2005
Posts: 397
Location: Running down a highway in Virginia, USA.

PostPosted: Wed 11 May 2005, 02:33    Post_subject:  Firefox suffers first 'extremely critical' security hole  

FYI... I don't know if this problem is in Firefox alone or if it is in the Mozilla browser too...

-----

Firefox suffers first 'extremely critical' security hole

By Matthew Broersma
Techworld
09 May 2005

Firefox has unpatched "extremely critical" security holes and exploit
code is already circulating on the Net, security researchers have
warned.

The two unpatched flaws in the Mozilla browser could allow an attacker
to take control of your system.

<snip>

Full article at:
http://www.techworld.com/security/news/index.cfm?NewsID=3619
Back to top
View user's profile Send_private_message 
Ian
Official Dog Handler


Joined: 04 May 2005
Posts: 1237
Location: Queensland

PostPosted: Sun 22 May 2005, 07:02    Post_subject:  

Just found this on the net.

The Mozilla Foundation on Wednesday shipped a new version of its flagship Firefox Web browser to patch a serious security hole that could put users at risk of computer takeover.

The flaw, which was discovered and reported by Internet Security Systems Inc., causes a buffer overflow because of the way GIF files are processed by Firefox.

Developed by CompuServe in the 1980s, the GIF format is widely used on the Web because of the improved file-compression features it offers.

"There have been no known exploits of the bug, but as Mozilla is committed to delivering the most secure product possible, we decided to quickly issue an update to patch the bug," said Chris Hoffman, director of engineering at Mozilla.

Did you read the comments at the bottom of that article, they got pretty heated in some parts but some were funny.
Back to top
View user's profile Send_private_message 
babbs


Joined: 10 May 2005
Posts: 397
Location: Running down a highway in Virginia, USA.

PostPosted: Sun 22 May 2005, 08:36    Post_subject:  

Staying on top of the exploits can be a full time job. Here are a few of the Mozilla exploits that I could find (date posted -- description):

Sat 21-May-2005 -- Mozilla Firefox view-source:javascript url Code Execution Exploit
Sun 08-May-2005 -- Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit
Mon 18-Apr-2005 -- Mozilla Suite and Firefox "Link" Code Execution Exploit
Sun 17-Apr-2005 -- Mozilla Suite and Firefox "favicons" LINK Code Execution Exploit
Sun 17-Apr-2005 -- Mozilla Firefox Sidebar Code Execution Proof of Concept Exploit

All we can do is be aware and update as appropriate...
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Taking the Puppy out for a walk » Announcements
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0415s ][ Queries: 12 (0.0036s) ][ GZIP on ]