Technology news and Jobs arrow Information Technology News arrow Firefox flaw re-rated as high severity
Firefox flaw re-rated as high severity E-mail
by Stephen Withers   
Thursday, 31 January 2008
A Firefox security flaw originally judged to be of low severity has been upgraded to high, but a fix is on its way.
Register now to win a Canon EOS 500D Cannon EOS 500D Digiral SLR

The issue concerns so-called 'flat' add-ons that store their components in multiple files instead of using a single .jar file. A flaw in the way the program handles the chrome protocol means a maliciously crafted web page is able to traverse directories in order to read data from known locations.

Many add-ons use flat packaging, including popular ones such as Greasemonkey and Download Statusbar.

Add-on developers have been asked to repackage their wares as .jar files, but Firefox 2.0.0.12 - "which will be available shortly," according to the Mozilla Security Blog - will include a fix for the problem.


Please enable JavaScript in your browser to post your comment!

Tags See All Tags Add New Tag...

Please Enter New Tags Separated By Comma's
  Or Close

Browsers  Firefox  Open Source  Security  Software  Stephen Withers  Web 
Powered By Joomla Tags
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 665,005
Subscribers 14,517
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines