Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 17 Apr 2014, 03:08
All times are UTC - 4
 Forum index » Taking the Puppy out for a walk » Announcements
Firefox suffers first 'extremely critical' security hole
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [3 Posts]  
Author Message
babbs


Joined: 10 May 2005
Posts: 397
Location: Running down a highway in Virginia, USA.

PostPosted: Wed 11 May 2005, 02:33    Post subject:  Firefox suffers first 'extremely critical' security hole  

FYI... I don't know if this problem is in Firefox alone or if it is in the Mozilla browser too...

-----

Firefox suffers first 'extremely critical' security hole

By Matthew Broersma
Techworld
09 May 2005

Firefox has unpatched "extremely critical" security holes and exploit
code is already circulating on the Net, security researchers have
warned.

The two unpatched flaws in the Mozilla browser could allow an attacker
to take control of your system.

<snip>

Full article at:
http://www.techworld.com/security/news/index.cfm?NewsID=3619
Back to top
View user's profile Send private message 
Ian
Official Dog Handler


Joined: 04 May 2005
Posts: 1237
Location: Queensland

PostPosted: Sun 22 May 2005, 07:02    Post subject:  

Just found this on the net.

The Mozilla Foundation on Wednesday shipped a new version of its flagship Firefox Web browser to patch a serious security hole that could put users at risk of computer takeover.

The flaw, which was discovered and reported by Internet Security Systems Inc., causes a buffer overflow because of the way GIF files are processed by Firefox.

Developed by CompuServe in the 1980s, the GIF format is widely used on the Web because of the improved file-compression features it offers.

"There have been no known exploits of the bug, but as Mozilla is committed to delivering the most secure product possible, we decided to quickly issue an update to patch the bug," said Chris Hoffman, director of engineering at Mozilla.

Did you read the comments at the bottom of that article, they got pretty heated in some parts but some were funny.
Back to top
View user's profile Send private message 
babbs


Joined: 10 May 2005
Posts: 397
Location: Running down a highway in Virginia, USA.

PostPosted: Sun 22 May 2005, 08:36    Post subject:  

Staying on top of the exploits can be a full time job. Here are a few of the Mozilla exploits that I could find (date posted -- description):

Sat 21-May-2005 -- Mozilla Firefox view-source:javascript url Code Execution Exploit
Sun 08-May-2005 -- Mozilla Firefox 1.0.3 Remote Arbitrary Code Execution Exploit
Mon 18-Apr-2005 -- Mozilla Suite and Firefox "Link" Code Execution Exploit
Sun 17-Apr-2005 -- Mozilla Suite and Firefox "favicons" LINK Code Execution Exploit
Sun 17-Apr-2005 -- Mozilla Firefox Sidebar Code Execution Proof of Concept Exploit

All we can do is be aware and update as appropriate...
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [3 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Taking the Puppy out for a walk » Announcements
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0391s ][ Queries: 11 (0.0038s) ][ GZIP on ]