Language Selection

English French German Italian Portuguese Spanish

Unpatched Firefox 1.5 exploit made public

Filed under
Security

Exploit code for the latest version of open-source browser Firefox was published Wednesday, potentially putting users at risk of a denial-of-service attack.

The exploit code takes advantage of a bug in the recently released Firefox 1.5, running on Windows XP with Service Pack 2. Firefox, which initially debuted over a year ago, has moved swiftly to capture 8 percent of the browser market.

The latest Firefox flaw exists in the history.dat file, which stores information from Web sites users have visited with the Firefox 1.5 browser, according to a posting on the Internet Storm Center, which monitors online threats.

Full Story.

More in Tux Machines

Black Duck's Free Tool Digs Out Open Source Bugs

The main advantage of such tools is ease of use. The main limitation is that a tool is only as effective as its creators' list of vulnerabilities. Using a given tool implies that you trust the vendor to stay alert and on the job, noted King. Developers have "a ton of other similar offerings out there," he said. By offering a free scanner, Black Duck can draw attention to its other products. "If the new tool delivers what the company promises, it will help put the company in good stead with customer developers. Satisfied customers tend to be repeat customers," King said. Read more

Today in Techrights