|
Critical flaw found in Firefox 2.0.0.4 - TechAmok
Critical flaw found in Firefox 2.0.0.4 - [security] 02:46 PM EDT - Jul,10 2007 - post a comment Security research firm
Secunia has found
a security flaw in the latest version of Firefox (2.0.0.4) that it labels
"highly critical." The flaw can reportedly be exploited by malicious users in
order to compromise a victim's machine. The problem is that Firefox registers
the "firefoxurl://" URI handler and allows invoking firefox with arbitrary
command line arguments. Using e.g. the "-chrome" parameter it is possible to
execute arbitrary Javascript in chrome context. This can be exploited to execute
arbitrary commands e.g. when a user visits a malicious web site using Microsoft
Internet Explorer. The vulnerability is confirmed in Firefox version 2.0.0.4 on
a fully patched Windows XP SP2. Other versions may also be affected.
Aside from simply avoiding malicious websites,
Secunia CTO Thomas Kristensen tells CNet that system administrators can get
around the hole by un-registering or removing the Firefox URI handler. Neither
Kristensen nor CNet provides instructions for that procedure, however. |
|
Add your comment (free registrationrequired)
Short overview of recent news articles |
Apr,24 2024 President Biden signs TikTok bill into law Apr,24 2024 The Humble PC Apr,24 2024 Researchers have unlocked the 'Holy Grail' of memory technology Apr,24 2024 The Best Gaming GPU Ever Released, Nvidia GeForce GTX 1080 Ti, 2024 Apr,24 2024 Your Own Private Network Attached Storage Solution by UGREEN Apr,23 2024 ATLAS | Official Trailer | Netflix Apr,22 2024 The World's Fastest CPU (Technically...) - Intel i9-14900KS Apr,22 2024 We can do THIS now! - Lumafield CT Scanner Apr,21 2024 Huawei Pura 70 Ultra - Apple Should be WORRIED Apr,21 2024 Sony 2024 TV Lineup Revealed Apr,20 2024 ICE - A Thousand Suns / Episode 1 Apr,20 2024 Minisforum V3 AMD Tablet Review Apr,20 2024 AMD & Intel SLASH CPU Prices! Apr,20 2024 EK is Imploding: Not Paying Employees, Partners, & Suppliers Apr,20 2024 Backing Up My NAS To My... Parents' House? Apr,20 2024 NEW Ryzen APU BEATS RTX 40 GPUs! Apr,20 2024 (Live) Black Tape Project - All New Raw and Uncut - LA Fashion Week Apr,19 2024 NVIDIA Geforce 552.22 WHQL Driver Apr,19 2024 You Deserve this much OLED - AORUS CO49DQ Apr,19 2024 Unreal Engine 5.4 looks ULTRA PHOTOREALISTIC Apr,18 2024 Radeon RX 5700 XT vs. 7700 XT, 2024 Revisit Apr,18 2024 I Will Build You a PC Right Now! Apr,17 2024 These games carry REAL security risks! BEWARE! Apr,17 2024 Visible First to Offer Annual Payment Plan, with Discount up to 26% Apr,17 2024 Is Coding Still Worth Learning in 2024? Apr,17 2024 All New Atlas - Boston Dynamics Apr,16 2024 The NEW Chip Inside Your Phone! (NPUs) Apr,16 2024 XPS 14 vs 14" MacBook Pro - Apple just KILLED Intel! Apr,15 2024 The Most 2024 Laptop - Razer Blade 14 Review Apr,15 2024 NEVER install these programs on your PC... EVER!!! Apr,14 2024 Use Live Translate on Galaxy S24 series to translate a call's Apr,14 2024 I Tried a Non-Invasive Blood Sugar Watch. Miracle or Scam? Apr,13 2024 Samsung Galaxy Ring - This Just Got Interesting Apr,13 2024 Piracy Is Over Party - WAN Show April 12, 2024 Apr,13 2024 Conan O'Brien Needs a Doctor While Eating Spicy Wings Apr,13 2024 Beatbox Jcob recreats every sound Apr,13 2024 Intel is Gunning for NVIDIA Apr,13 2024 Building a Budget DIY Home Surveillance System Apr,12 2024 Lenovo Yoga Buyers Guide - What's the Best Thin and Light Laptop Apr,11 2024 DARK MATTER Trailer (2024) New Sci-Fi Movies 4K
>> News Archive <<
| |
|