Create an Account
username: password:
 
  MemeStreams Logo

Unpatched Firefox flaw may expose users
search
Home Agent Weblogs Social Network Post Help About

Acidus
Picture of Acidus
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Acidus's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Unpatched Firefox flaw may expose users
Topic: Technology 2:27 pm EDT, Sep  9, 2005

Mozilla, which coordinates development of Firefox and distributes the software, could not immediately comment on the flaw disclosure. However, a source close to the organization confirmed that Ferris had filed several bug reports, including this specific one.

Since the debut of Firefox 1.0 in November, usage of the open-source browser has grown. Security has been a main selling point for Firefox over Microsoft's Internet Explorer, which has begun to see its market share dip slightly--for the first time in years.

[Sigh]...

The stance people are starting to take is "See, FireFox is insecure too!" You better believe Microsoft is going to pushing this idea.

However, if you actually read the advisory, it becomes perfectly clear with 2 sentences why Firefox is and shall remains the superior browser:

The problem seems to be when a hostname which has all dashes causes the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec to return true, but is sets encHost to an empty string. Meaning, Firefox ppends 0 to approxLen and then appends the long string of dashes to the buffer instead.

He discusses specific functions and variable names that are in the human readable format, because this vulnerability was found by examining source code. This is something you can never do with Microsoft code, and is why the Open Source Model can produce a more secure product then Closed Source.

Unpatched Firefox flaw may expose users

Thread [1]


  
 
Powered By Industrial Memetics		RSS2.0