Technology news and Jobs arrow Information Technology News arrow Firefox flaw re-rated as high severity
Firefox flaw re-rated as high severity E-mail
by Stephen Withers   
Thursday, 31 January 2008
A Firefox security flaw originally judged to be of low severity has been upgraded to high, but a fix is on its way.

The issue concerns so-called 'flat' add-ons that store their components in multiple files instead of using a single .jar file. A flaw in the way the program handles the chrome protocol means a maliciously crafted web page is able to traverse directories in order to read data from known locations.

Many add-ons use flat packaging, including popular ones such as Greasemonkey and Download Statusbar.

Add-on developers have been asked to repackage their wares as .jar files, but Firefox 2.0.0.12 - "which will be available shortly," according to the Mozilla Security Blog - will include a fix for the problem.


Powered By Joomla Tags

Please enable JavaScript in your browser to post your comment!

 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
694,279
Subscribers 15,210
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

- Advertisement -

Featured Whitepapers

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter