Technology news and Jobs arrow Information Technology News arrow Firefox flaw re-rated as high severity
Firefox flaw re-rated as high severity E-mail
by Stephen Withers   
Thursday, 31 January 2008
A Firefox security flaw originally judged to be of low severity has been upgraded to high, but a fix is on its way.

The issue concerns so-called 'flat' add-ons that store their components in multiple files instead of using a single .jar file. A flaw in the way the program handles the chrome protocol means a maliciously crafted web page is able to traverse directories in order to read data from known locations.

Many add-ons use flat packaging, including popular ones such as Greasemonkey and Download Statusbar.

Add-on developers have been asked to repackage their wares as .jar files, but Firefox 2.0.0.12 - "which will be available shortly," according to the Mozilla Security Blog - will include a fix for the problem.


Please enable JavaScript in your browser to post your comment!


Get stories like this delivered daily - FREE - subscribe now
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
Suscribers
904,266
13,751
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff
Subscribe to our free e-newsletter