Firefox “Lambda Replace Heap Memory” Security Flaw Reveals Sensitive User Information - 1,190 Views, 1 Comment
|
Previous Article « Aunty’s Readers Sound Off About the FCC Broadcast Flag
Read Next Article » Unexpected Online Greeting Cards May Carry Trojan Horses
A security flaw known as the “JavaScript Lambda Replace Heap Memory Disclosure Vulnerability” has been found in the popular Firefox web browser. Firefox is an open source web browser which is available for Windows, OS X, and Linux, and which has experienced significant adoption in the past 18 months. The new security flaw, which compromises the user’s “heap memory”, was discovered and announced by security company Secunia. While not exploitable by phishers or hackers seeking to gain access to the user’s computer, it can expose sensitive information both received from and entered in at websites which the user has visited. Explained Thomas Kristensen, CTO of Secunia, “Unlike other browser flaws, this one is not subject to phishing or access to the system. But it can expose sensitive information from other websites you visited and the information you entered there.” The Mozilla Foundation, which created Firefox, is working on a patch. In the meantime, Secunia has created a test which users can use to determine whether their system is at risk for exposure through the flaw. If so, Secunia recommends disabling JavaScript support on the user’s system until the Mozilla Foundation releases a patch.
Follow Anne on
Twitter 
Friend Anne on Facebook
Firefox “Lambda Replace Heap Memory” Security Flaw Reveals Sensitive User Information
Twitter Explained in Plain English
Previous Article « Aunty’s Readers Sound Off About the FCC Broadcast Flag
Read Next Article » Unexpected Online Greeting Cards May Carry Trojan Horses
Read more:
» Firefox Flaw Found and Fixed (Get the Patch)
» Firefox and Mozilla Still at Risk for Spoofing “Frame Injection” Security Flaw
» FireFox Security Holes Lead to Warning
» Sony BMG Reveals New Security Flaw: MediaMax Software on 5.7 Million CDs
For additional similar stories check out our archives on Security
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
Thanks
Comment by Lyle — 4/7/2005 @ 7:35 am