HZGN.COM
welcome to my space
X
Welcome to:hzgn.com
Search:  
 HOME   Six Mozilla Security Bugs Posted
Six Mozilla Security Bugs Posted
Published by: webmaster 2008-11-21

If you're using early copies of the Mozilla open-source Web browser, chances are your PC is vulnerable to attacks via a half-dozen security holes.

Pre-version 1.0 rollouts of the alternative browser project, which is backed by AOL-Time Warner's Netscape unit, contain about a half-dozen vulnerabilities.

It appears most of the bugs, which were posted on the BugTraq security list this week, have already been corrected in the latest version of Mozilla but at least one of the flaws is still affecting versions 1.0.1 and 1.1. (Download latest Mozilla releases here).

The BugTraq updates to the earlier Red Hat advisory said the most serious HTTP/HTTPS Redirection Weakness do not adequately warn Mozilla users when they are being redirected from secure sites to other secure sites via non-secure sites. Because this is a key issue when browsing and shopping at e-commerce sites, this flaw is considered crucial.

Another flaw with the XMLSerializer object may allow an intruder to gain access to properties of another domain in a frame or iframe. The XMLSerializer feature comes with Mozilla's XMLExtras.

According to the advisory, improper implementation of the onkeypress function for the space bar can cause multiple confirmations via a single key press. "This could potentially allow the confirmation of a malicious XPI to be installed into the client," it warned.

Another bug relates to a memory corruption bug that is triggered when document.open() is called as the action to be performed when a form is submitted. "Under certain circumstances processing this data will result in memory corruption, resulting in a denial of service," the advisory added.

Mozilla and Firefox Are Vulnerable, Not Just IE - OReilly Windows ::
What do you think about security bugs in IE, Mozilla, and Firefox? Let me know. Comments ever taken the Mozilla Foundation or Opera six months to even
http://www.oreillynet.com/windows/blog/2004/08/mozilla_and_firefox_are_vulner.htmlHOME
The six vulnerabilities come on the heels of a previously-reported privacy leak within Mozilla that springs data on the Web surfing movements of users.

That flaw exposes the URL of the page a user is viewing to the Web server of the site visited last, allowing a Web site to track where a viewer goes next regardless of whether the URL is entered manually or via a bookmark. It affects Mozilla browser versions 0.9x, 1.0, 1.0.1, 1.1 and 1.2 alpha; Netscape 6.x and 7; Galeon 1.2.x and Chimera 0.5.

Firefox Sports More Bugs, But IE Takes 9 Times Longer To Patch ::
vulnerabilities for IE, Firefox, and Safari have increased in the last six months. Mozilla Corp. released four security updates to its production edition of
http://www.techweb.com/wire/security/193005335HOME
Mozilla users are urged to disable JavaScript as a temporary workaround until a fix is issued. The flaw exists in the "onunload" handler which loads an image from the referring server about a user's surfing movements.

Mozilla has released the 1.1 upgrade to provide increased support for Linux and Mac platforms but the privacy flaw remains in the upgrade, researchers warned.


SOAP 1.2 Passage Snagged By IP Issues
China to be Stronghold for Open Source

#If you have any other info about this subject , Please add it free.#
Your name:
E-mail:
Telphone:

Your comments:


If you have any other info about Six Mozilla Security Bugs Posted , Please add it free.
 
About us |Contact us |Advertisement |Site map |Exchange links
Copyright© 2008hzgn.com All Rights Reserved