Welcome to WebmasterWorld Guest from

Forum Moderators: incrediBILL

Message Too Old, No Replies

Researchers reveal another Firefox flaw

8:56 pm on Jul 27, 2007 (gmt 0)

Preferred Member

10+ Year Member

joined:May 27, 2003
votes: 0

itWorldCanada: Researchers reveal another Firefox flaw [itworldcanada.com]

They provided exploit code that forced Firefox to launch other local programs when a malformed URL was passed to it from Internet Explorer 7 on Windows XP SP2. According to the two, only users whose machines have IE 7 as well as Firefox are at risk.

"Just to be clear, this vulnerability is delivered through the Firefox browser, not IE. You simply have to have IE7 installed somewhere on your system for this to work, which is basically most Windows XP SP2 systems," Rios said.

1:47 am on July 28, 2007 (gmt 0)

Senior Member

WebmasterWorld Senior Member tedster is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:May 26, 2000
votes: 0

Important note: "By Thursday morning, Firefox developers had wrapped up a fix for the newest vulnerability. An automatic update to users, however, has not yet been scheduled."

So this flaw should be plugged with the next update. After an exploit is publicized, speed of patching becomes important, but at least this one was not found "in the wild", but rather by researchers.