Mozilla ups unpatched Firefox flaw to 'high severity'

Mozilla has given a proof of concept Firefox vulnerability a "high severity" rating because an attacker can collect session information such as cookies and history, according to Mozilla security chief Window Snyder. Snyder said the vulnerability will be patched with Firefox 2.0.0.12, which will be pushed out "shortly." On Jan. 22, Snyder confirmed a proof of concept vulnerability discovered by researcher Gerry Eisenhaur on Jan. 19. Simply put, Firefox leaks information that can allow an attacker to load any javascript file on a machine. This "chrome protocol directory transveral" is in play whenever there are "flat" files–common in add ons–are installed. Chances are good that most Firefox users will have at least a few of these add ons installed. That's a lot of data leakage.

View: Full Story @ ZDNet

Report a problem with article
Previous Story

DNS celebrates 25th birthday

Next Story

FileZilla 3.0.6

14 Comments

Commenting is disabled on this article.

These posts always turn into fanboy wars,

thats why I use opera j/k I use firefox, ie7, and opera I'm a multi-browser kinda guy

i agree anytime u see a Firefox flaw you pretty much guaranteed to get some people with the 'fanboy wars' .

me personally i been using Firefox since prior to 1.0 and thats pretty much all i use... once in a great while ill use IE but it's pretty rare.

atm, im using Firefox 3 BETA 3 and it's been great ... although my extension got broke i forced firefox to use it cause it was complaining about no secure updates etc etc... but i figured out how to FORCE it to work by configing the stuff in 'about:config' stuff

(s3n4te said @ #2)
IE7 never had this higly critical flaw

I'll finish your sentence for you....
that Microsoft has announced.

One of the many advantages of open source is the transparency.

What's your point? IE doesn't use the chrome:// path because it's a Mozilla thing, in the same way Firefox has never had an ActiveX vulnerability because that's an IE thing.

(lbmouse said @ #2.2)

I'll finish your sentence for you....
One of the many advantages of open source is the transparency.

how coudl MS have this flaw announced or unanounced, do you even know what your talking about... MS has flaws yeah and also probably has undisclosed flaws, but i very much doubt it has this one

So...where are the fixes that people kept telling me would come out, 'days' after a flaw was discovered?

I remember that used to be used as ammunition against MS, whenever they took a while to patch a problem. I'm not trolling, i'm an FF user myself, but i hope people remember this the next time they decide to spread garbage.

this Firefox's vulnerability is a variant of a flaw that has been unpatched since August 2007:
http://ha.ckers.org/blog/20070811/firefox-...riable-leakage/

http://www.hiredhacker.com/2008/01/19/fire...tory-traversal/
"I spent some time tonight with scripting access to chrome files and found that Firefox doesn't properly handle escaped characters. Its possible to load any javascript file on a victims machine. This attack is similar to previously disclosed vulnerabilities but is not constrained to basic Firefox files."