Mozilla Ups Firefox Bug Threat, Slates Fix for Feb. 5

Mozilla Corp. bumped up the threat ranking for an unpatched Firefox bug to "high" Tuesday, but promised a fix is coming in Version, now slated for release on Feb. 5. The company's head of security, Window Snyder, confirmed that the browser, when running any of more than 600 add-ons, can be exploited to steal "session information, including session cookies and session history."

Snyder's acknowledgment followed an update by Gerry Eisenhaur, the researcher who first reported the Firefox problem. "There seems to be some confusion about what exactly the severity of this vulnerability is," Eisenhaur said on his blog. "This is not a chrome privilege escalation, but it [is] worse than just leaking some variables. I created another demo to read the sessionstore.js file. This will display information regarding your current session, [including] windows, tabs, cookies, etc."

View: The full story @ PCWorld

Report a problem with article
Next Article

Image uploader bug blights MySpace

Previous Article

Windows Seven: We're Hiring!

Join the conversation!

Login or Sign Up to read and post a comment.

6 Comments - Add comment