Technology news and Jobs arrow Information Technology News arrow Firefox flaw re-rated as high severity
Firefox flaw re-rated as high severity E-mail
by Stephen Withers   
Thursday, 31 January 2008
A Firefox security flaw originally judged to be of low severity has been upgraded to high, but a fix is on its way.
The issue concerns so-called 'flat' add-ons that store their components in multiple files instead of using a single .jar file. A flaw in the way the program handles the chrome protocol means a maliciously crafted web page is able to traverse directories in order to read data from known locations.

Many add-ons use flat packaging, including popular ones such as Greasemonkey and Download Statusbar.

Add-on developers have been asked to repackage their wares as .jar files, but Firefox 2.0.0.12 - "which will be available shortly," according to the Mozilla Security Blog - will include a fix for the problem.


Please enable JavaScript in your browser to post your comment!

Tags See All Tags


Browsers  Firefox  Open Source  Security  Software  Stephen Withers  Web 

Get stories like this delivered daily - FREE - subscribe now
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
Suscribers		 904,266
13,751
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff
Subscribe to our free e-newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire