Language Selection

English French German Italian Portuguese Spanish

Flaw found in Firefox

Filed under
Security

Firefox versions 1.0.1 and 1.0.2 contain the vulnerability, the security information company said in an advisory on Monday. The flaw stems from an error in the JavaScript engine that can expose arbitrary amounts of heap memory after the end of a JavaScript string. As a result, an exploit may disclose sensitive information in the memory, Secunia said.

"Unlike other browser flaws, this one is not subject to phishing or access to the system. But it can expose sensitive information from other Web sites you visited and the information you entered there," said Thomas Kristensen, Secunia chief technology officer.

While the flaw is only rated as "moderately critical" by Secunia, the rapid adoption of the open-source browser means that many users may be at risk. Prior to the release of version 1.0, downloads of earlier versions of the browser had reached 8 million within the first 18 months.

The Mozilla Foundation, which makes the Firefox browser, is working on a patch, and no cases have been reported, a representative for the group said.

Secunia has developed a test that allows people to see whether their system is affected by the vulnerability.

Source

More in Tux Machines

Linux Desktop Evolution: Minor, Invisible, or Aesthetic

In the last two years, the Linux desktop has settled into a period of quiet diversity. The user revolts of 2008-2012 are safely in the past, and users are scattered among at least seven major desktops -- Cinnamon, GNOME, KDE,LXDE, MATE, Unity, and Xfce -- and likely to stay that way. So what comes next? What will the next innovations on the desktop be? Where will they come from? Prediction is as safe as investing in penny mining stocks, but some major trends for the next couple of years seem obvious without the bother of a tarot reading. Read more

Ubuntu Touch apps can run in windowed mode

The developers of the Ubuntu Linux operating system for desktop, notebook, and server computers are working on a touch-friendly version for smartphones and tablets, with the first Ubuntu phones expected to go on sale this year. Read more

Square tries to make open source “welcoming and inspiring” to women

What is open source? Simply put, it is source code (used to develop software programs) that is freely available and modifiable on the Internet. Open source developers from all over the world contribute to various projects, which are hosted on various websites—GitHub, a popular code hosting site, has over 8 million users and over 19 million code “repositories.” Read more

Citizens call on Dortmund to use free software

Four citizens of the German city of Dortmund have started a citizens’ initiative, asking the city council to seriously consider the use of free and open source software. “The city needs to recognise free software as a topic in the public interest”, the DO-FOSS initiators write. Read more