Results 1 to 5 of 5

Thread: Image Processing Flaw Found in Firefox .

  1. 05-19-2006, 01:32 AM #1
    peat moss
    peat moss is offline
    peat moss's Avatar Software Farmer BT Rep: +15BT Rep +15BT Rep +15
    Join Date
    May 2003
    Location
    Delta B.C. Canada
    Posts
    10,547
    Firefox users may be vulnerable to a denial of service attack after researchers looked into reports of a new vulnerability within Firefox 1.5.0.3. The flaw exists in how the browser handles image tags. The SANS Internet Storm Center first wrote off the problem, but continued research has shown that the flaw could be used maliciously.

    The exploit was initially believed to only be a joke, as a hyperlinked "image" when opened would launch the media player and play a .wav file. However, researchers now say the same flaw could be used in conjunction with JavaScript to open a mail client and open up multiple windows using the "mailto:" command.

    Source: http://www.betanews.com/article/Imag...fox/1147893245
  3. 05-19-2006, 01:38 AM News (Archive)   -   #2
    Dedalus^
    Dedalus^ is offline
    Dedalus^'s Avatar The Truth is Out BT Rep: +3
    Join Date
    Apr 2006
    Posts
    224
    So, as long as we dont click a hyperlinked "image", we're safe correct?

    And only 1.5.0.3 is affected right?
  5. 05-19-2006, 01:56 AM News (Archive)   -   #3
    peat moss
    peat moss is offline
    peat moss's Avatar Software Farmer BT Rep: +15BT Rep +15BT Rep +15
    Join Date
    May 2003
    Location
    Delta B.C. Canada
    Posts
    10,547
    Quote Originally Posted by dracophi
    So, as long as we dont click a hyperlinked "image", we're safe correct?

    And only 1.5.0.3 is affected right?

    I not sure but it does give a fix tho not a good one :

    "One possible workaround is to turn off automatic startup of your e-mai application in Firefox," he said. Additionally, a user could disable JavaScript, or block "mailto:" altogether.
  7. 05-19-2006, 02:57 AM News (Archive)   -   #4
    twisterX
    twisterX is offline
    twisterX's Avatar Poster
    Join Date
    Jul 2003
    Location
    CoNNecticut
    Posts
    3,062
    Send a message via AIM to twisterX Send a message via MSN to twisterX
    NEW NEWS TOWMORRO

    Firefox Update Released!!!
  9. 05-19-2006, 03:15 AM News (Archive)   -   #5
    peat moss
    peat moss is offline
    peat moss's Avatar Software Farmer BT Rep: +15BT Rep +15BT Rep +15
    Join Date
    May 2003
    Location
    Delta B.C. Canada
    Posts
    10,547
    Quote Originally Posted by twisterX
    NEW NEWS TOWMORRO

    Firefox Update Released!!!
    Its about bloody time ! JK ,FF seems to do fine with the security problems . Is open source that much more responsive or just more people working on the quirks and tweaks ?
« Previous Thread | Next Thread »

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Page Generation Time
0.08
Number of Queries
13
Links: Talkgold Forum | AdServices