Firefox 2.0.0.10 nears release

by Stephen Withers
Thursday, 22 November 2007

Firstly, Firefox's jar protocol handler will accept any zip format file, not just jar files. If an attacker is able to upload a zip file to a trusted site, a victim lured into downloading it will find that the contents of the zip file will run in the context of the trusted site, possibly allowing access to information stored on that site. This is being fixed by only allowing the jar scheme for files arriving with the application/java-archive MIME type.

The second issue is that if a zip archive is loaded via a redirect, Firefox currently runs it with the permissions applying to the initiating site, not the one actually delivering the file. These issues have been exploited to let an attacker see a user's stored Gmail contacts.

Firefox 2.0.0.10 has reached the release candidate stage, and a test day is scheduled for this Friday, November 23. The test day will involve members of the Mozilla community performing systematic and ad-hoc tests of the release candidate, as well as its compatibility with extensions and with Flash and Java content. Assuming no major issues are found, Firefox 2.0.0.10 will arrive next week.
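
The two jar: issues described above can be modelled as a small policy function that compares the behaviour before and after the fix. This is an added illustration, not Firefox code: the function names, the sample hosts and the redirect-chain representation are hypothetical, and the corrected origin rule (use the delivering site) is an assumption drawn from the article's description of the second issue.

```python
from urllib.parse import urlsplit

JAR_MIME = "application/java-archive"

def parse_jar_url(url):
    """Split 'jar:<archive-url>!/<entry>' into (archive_url, entry)."""
    if not url.lower().startswith("jar:"):
        raise ValueError("not a jar: URL")
    archive_url, sep, entry = url[4:].partition("!/")
    if not sep or not archive_url:
        raise ValueError("jar: URL needs '<archive-url>!/<entry>'")
    return archive_url, entry

def origin(url):
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}".lower()

def decide(jar_url, redirect_chain, content_type, fixed=True):
    """Model the handler's decision; returns (allowed, origin given to the content).

    redirect_chain lists the URLs visited while fetching the archive:
    first is the one named in the jar: URL, last is the one that delivered it.
    """
    archive_url, _entry = parse_jar_url(jar_url)
    if not redirect_chain or redirect_chain[0] != archive_url:
        raise ValueError("redirect chain must start at the archive URL")
    if not fixed:
        # Behaviour the article describes: any zip is opened and the content
        # gets the permissions of the initiating site.
        return True, origin(redirect_chain[0])
    # Fix named in the article: only application/java-archive may be opened.
    mime = content_type.split(";", 1)[0].strip().lower()
    if mime != JAR_MIME:
        return False, None
    # Assumption: the corrected origin is the site that delivered the file.
    return True, origin(redirect_chain[-1])

# Constructed sample inputs (hypothetical hosts), not taken from the article.
UPLOAD = ("jar:https://trusted.example/uploads/photo.zip!/page.html",
          ["https://trusted.example/uploads/photo.zip"], "application/zip")
REDIRECT = ("jar:https://trusted.example/go!/page.html",
            ["https://trusted.example/go", "https://other.example/a.jar"],
            "application/java-archive")

if __name__ == "__main__":
    for name, case in (("upload", UPLOAD), ("redirect", REDIRECT)):
        print(name, "before:", decide(*case, fixed=False),
              "after:", decide(*case, fixed=True))
```

For a site operator, the first case shows why the Content-Type sent with user-uploaded files matters once the fix is in place: content served as anything other than application/java-archive is no longer opened through the jar scheme.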