Language Selection

English French German Italian Portuguese Spanish

Flaw found in Firefox

Filed under
Security

Firefox versions 1.0.1 and 1.0.2 contain the vulnerability, the security information company said in an advisory on Monday. The flaw stems from an error in the JavaScript engine that can expose arbitrary amounts of heap memory after the end of a JavaScript string. As a result, an exploit may disclose sensitive information in the memory, Secunia said.

"Unlike other browser flaws, this one is not subject to phishing or access to the system. But it can expose sensitive information from other Web sites you visited and the information you entered there," said Thomas Kristensen, Secunia chief technology officer.

While the flaw is only rated as "moderately critical" by Secunia, the rapid adoption of the open-source browser means that many users may be at risk. Prior to the release of version 1.0, downloads of earlier versions of the browser had reached 8 million within the first 18 months.

The Mozilla Foundation, which makes the Firefox browser, is working on a patch, and no cases have been reported, a representative for the group said.

Secunia has developed a test that allows people to see whether their system is affected by the vulnerability.

Source

More in Tux Machines

Three great Android tools for Linux and Windows sysadmin

Systems administration isn't a simple job — and being able to respond to issues quickly is a definite plus. Not long ago, server problems meant receiving a phone alert followed by a trip to the data center to fix whatever was wrong. Today, having full-powered computers such as smartphones or tablets literally in your hand is a tremendous help when doing sysadmin. Load Android with a few key applications and you can remotely monitor servers and services, get alerts and warnings as they occur, and solve problems without any travel at all. Read more

KDBUS Submitted For Review To The Mainline Linux Kernel

It looks like KDBUS, the Linux kernel D-Bus implementation, is posed to be added to the next kernel release after Greg Kroah-Hartman sent out its patches today. Read more

Windows Phone Shrinks In Android-Dominated Europe, As New iPhones Boost iOS’ Share

Spare a thought for Microsoft, a relative newcomer to the mobile making business, after Redmond completed its $7.2BN+ acquisition of former European mobile making powerhouse Nokia earlier this year. If Microsoft was hoping to see quick marketshare wins in Europe once its hands were fully on the levers of production that has not come to pass. The latest 12-week smartphone sales figures from Kantar Worldpanel ComTech, up to this September, indicate that Windows Phone’s already small share of the smartphone market has shrunk in Europe — dropping 0.3 percentage points in aggregate across the top five markets in Europe (the UK, France, Spain, Italy and Germany). Read more

35 Essential Android Apps for Daily Use

This list of essential Android apps are the ones you must have apps you need every day. They help with email, weather, music, and handful of other essential tasks. Read more