Udar na Firefox!

1

Udar na Firefox!

offline
  • SINGI
  • Pridružio: 22 Avg 2003
  • Poruke: 787
  • Gde živiš: Beograd

Dakle, cim je postao popularan, postao je i interesantan za trazenje propusta

Exploit code chases two Firefox flaws

Published on ZDNet News: May 9, 2005, 8:14 AM PT

Two vulnerabilities in the popular Firefox browser have been rated "extremely critical" because exploit code is now available to take advantage of them.

The cross-site scripting and remote system access flaws were discovered in Firefox version 1.0.3, but other versions may also be affected, said security company Secunia, which issued the ratings Sunday.

One flaw involves "IFRAME" JavaScript URLs, which are not properly protected from being executed in the context of another URL in the history list

A second vulnerability exists in the IconURL parameter in InstallTrigger.install(). Information passed to this parameter is not properly verified before it's used, allowing an attacker to gain user privileges. This flaw could allow an attacker to gain and escalate user privileges on a system.

Ostatak na

http://news.zdnet.com/2100-1009_22-5700204.html?tag=nl.e589

Ono sto ne valja je da jos nema zakrpe, tj. evo sta kaze Mozilla

Security Advisory (May 8, 2005) The Mozilla Foundation is aware of two potentially critical Firefox security vulnerabilities as reported publicly Saturday, May 7th. There are currently no known active exploits of these vulnerabilities although a "proof of concept" has been reported. Changes to the Mozilla Update web service have been made to mitigate the risk of an exploit. Mozilla is aggressively working to provide a more comprehensive solution to these potential vulnerabilities and will provide that solution in a forthcoming security update. Users can further protect themselves today by temporarily disabling JavaScript.

Further information including the availability of updates will be posted at www.mozilla.org.



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
offline
  • RIA  Male
  • Prijatelj foruma
  • Pridružio: 20 Feb 2005
  • Poruke: 2839
  • Gde živiš: Around Belgrade

da li je neko stvarno imao probleme zbog toga ili je.... to mozda manje opasno nego sto se cini ?



offline
  • BMW 
  • Ugledni građanin
  • Pridružio: 25 Mar 2005
  • Poruke: 314

Pa ima, meni je prvo prijavljivao neki upad i tražio proveru, nisam pristajao jer sam sumnjao da je lažnjak, i posle više nije hteo da se podigne nego je tražio da se napravi drugi korisnik, sa novim favoritima i adresama.
To je bilo na poslu bez firewalla. Kući još ništa. KIS ga čuva.

offline
  • Pridružio: 19 Mar 2005
  • Poruke: 146
  • Gde živiš: undernet.org

heheheh :0

zato ja koristim IE Smile

offline
  • Pridružio: 01 Dec 2004
  • Poruke: 177
  • Gde živiš: srem

@black hat

ipak je ie integrisan u sistem i mora da sljaka....... naravno tu je i kav

offline
  • ZoNi  Male
  • Free Your Mind!
  • Pridružio: 26 Feb 2005
  • Poruke: 5757
  • Gde živiš: Singidunum

ja bih svima koji koriste IE (i zadovoljni su njime!) predlozio da probaju besplatnu Maxthon, koji je neka vrsta nadogradnje za IE...

offline
  • oblak  Male
  • Legendarni građanin
  • Glavni moderator foruma Mobilni telefoni
  • LEBE KISELI
  • Pridružio: 14 Feb 2005
  • Poruke: 6355

znam da mi je ie (sve zakrpe i update-ovi)stalno skidao trojane isl u tmp folder znam da posetiti npr altavistu sa ie znaci konstantno skicanje kava i gomila poruka od za kako je blokirao ovo ono nisam mogao da zivim od tih dosada sada sa ff-om nisam cuo kav-a zadnjih 2 meseca cak sam mislio da mi kav ne radi...

offline
  • Pridružio: 02 Sep 2003
  • Poruke: 4924

@ZoNi

Tema su propusti u Firefoxu... Bebee Dol

offline
  • ZoNi  Male
  • Free Your Mind!
  • Pridružio: 26 Feb 2005
  • Poruke: 5757
  • Gde živiš: Singidunum

znam, Djole! Resenje za propuste u FFu (kojih ce biti sve vise) jeste prelazak na Maxthon (ili Avant) Smile

offline
  • BMW 
  • Ugledni građanin
  • Pridružio: 25 Mar 2005
  • Poruke: 314

Rupa je zatvorena: Firefox 1.0.4

http://ftp.mozilla.org/pub/mozilla.org/firefox/nig.....taller.exe

Dopuna: 11 Maj 2005 10:16

ZoNi ::znam, Djole! Resenje za propuste u FFu (kojih ce biti sve vise) jeste prelazak na Maxthon (ili Avant) Smile


To bi bio još veći propust Cool

IE je IE sa ma kojim skinom.

Ko je trenutno na forumu
 

Ukupno su 1090 korisnika na forumu :: 53 registrovanih, 8 sakrivenih i 1029 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: adelita, airsuba, Areal, babaroga, Banijac, bato, caesar, Cigi, cikadeda, Cranium, Ctrl x, Cufo, dankisha, Denaya, DENIRO, Dragan Smiljanić, dragon986, dragonserbia, Drug pukovnik, Filip Marinković, GreenMan, Haryy, Ilija Cvorovic, ivica976, kaisarevic1, kira.djekic, kuntalo, kvcali, lekso, MB120mm, mercedesamg, Mihajlo, Miskohd, nebkv, NoOneEver Dreams, nuke92, raytoral92, Regrut Boskica, ruma, sabros, sakota79, Sirius, suton, Toper, Velizar, virked, Vlada1389, vobo, W123, wolf431, Yellow Pinky, ZoranB., zoranis