Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
April 8, 2005, 12:47 am
rate this thread
Folks know I am a Firefox fan, however folks should be aware there is a
new information disclosure bug in Firefox that is rated moderately
critical. Looking at the bug I can see why it may be considered so
however I believe the information disclosed would probably be minor,
haven't seen a bug fix outside of disabling Java scripting. There is
more here along with a test that shows you the memory dump it can provide.
A few notes. Do not get freaked out remember a couple of things:
1) The info leak will only display a small fragment of YOUR memory (ie your
processes) not the system's (privileged memory)
2) It is such a small fragment the chances of it revealing something
remotely interesting is almost nil.
In either case a patch is due to come out in a couple of days...
"Microsoft isn't evil, they just make really crappy operating systems." -
Michael Pelletier wrote:
For the most part the information revealed is fairly random. Not like
IE where one can run the code of choice of the attacker. Of the two,
I'll take the random info disclosure. If you have the ability to filter
outbound nfo you can put logins/passwords, ssn, credit card numbers
(partial) in filters to alert you when they attempt to traverse the