Firefox “Lambda Replace Heap Memory” Security Flaw Reveals Sensitive User Information 4/6/2005 - 698 views, 1 Comment
|
Previous Article « Aunty’s Readers Sound Off About the FCC Broadcast Flag
Read Next Article » Unexpected Online Greeting Cards May Carry Trojan Horses
A security flaw known as the “JavaScript Lambda Replace Heap Memory Disclosure Vulnerability” has been found in the popular Firefox web browser. Firefox is an open source web browser which is available for Windows, OS X, and Linux, and which has experienced significant adoption in the past 18 months. The new security flaw, which compromises the user’s “heap memory”, was discovered and announced by security company Secunia. While not exploitable by phishers or hackers seeking to gain access to the user’s computer, it can expose sensitive information both received from and entered in at websites which the user has visited. Explained Thomas Kristensen, CTO of Secunia, “Unlike other browser flaws, this one is not subject to phishing or access to the system. But it can expose sensitive information from other websites you visited and the information you entered there.” The Mozilla Foundation, which created Firefox, is working on a patch. In the meantime, Secunia has created a test which users can use to determine whether their system is at risk for exposure through the flaw. If so, Secunia recommends disabling JavaScript support on the user’s system until the Mozilla Foundation releases a patch.
Previous Article « Aunty’s Readers Sound Off About the FCC Broadcast Flag
Read Next Article » Unexpected Online Greeting Cards May Carry Trojan Horses
|
|
Email the link for this page to a friend! |
Read more:
» Firefox Flaw Found and Fixed (Get the Patch)
» Firefox and Mozilla Still at Risk for Spoofing “Frame Injection” Security Flaw
» FireFox Security Holes Lead to Warning
» New Security Update for Firefox Fixes High Risk Issues
For additional similar stories check out our archives on Security
Thanks
Comment by Lyle — 4/7/2005 @ 7:35 am