funsec mailing list archives
Re: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities
From: Reed Loden <reed () reedloden com>
Date: Tue, 19 Dec 2006 18:44:06 -0600
On Wed, 20 Dec 2006 00:13:04 GMT "Fergie" <fergdawg () netzero net> wrote:
Also, I noticed that someone else mentioned that at least one critical vulnerability remains unplugged: http://www.internetnews.com/dev-news/article.php/3650106
I, personally, do not consider that a critical vulnerability. The problem is really with the third-party sites (such as MySpace) that allow users to post login forms on their site. If the sites didn't allow users to post content like that, it wouldn't be a problem. MySpace has since fixed this problem, so it's not an issue there. Also, it's not like somebody can get the password for another website than the one you are currently viewing. A better "fix" (for some definition of "fix" for a problem that's really not Firefox's fault) for this issue will come in a later Firefox release, but for now, Firefox 2.0.0.1/1.5.0.9 allows people to disable the password manager's autofill function if they feel that they are really unsecure due to this issue. Honestly, if you trust the sites you are going to, you shouldn't have a problem. I'm not worried about it. :) ~reed -- Reed Loden - <reed () reedloden com> _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Fergie (Dec 19)
- <Possible follow-ups>
- Re: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Juha-Matti Laurio (Dec 19)
- RE: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Larry Seltzer (Dec 19)
- Re: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Reed Loden (Dec 19)
- Re: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Reed Loden (Dec 19)
- RE: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Larry Seltzer (Dec 19)
- Re: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Fergie (Dec 19)
- Re: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Reed Loden (Dec 19)
- Re: Time to Upgrade: Mozilla Firefox Multiple Vulnerabilities Fergie (Dec 19)