Mozilla Firefox Vulns

GrapefruiTgirl · 04-09-2010, 05:26 PM

Actually that stuff is quite interesting, and something that hadn't occurred to me before reading the article and some related articles. Thanks for posting about it.

win32sux · 04-22-2010, 07:35 PM

Quote:

Mozilla has just put online a first beta of Firefox 3.6.4. which includes a mechanism for isolation plugins. The Mozilla browser strengthens its stability.

Firefox 3.6.4 provides an insulation function of grafts. In the event of a crash of a plug-in, web browser will continue to operate. Functionality already found in third-party products, such as Internet Explorer and Chrome. Caution, however, because only Flash, QuickTime and Silverlight will benefit from this technology. The other grafts continue to function as usual.

Developers have the opportunity to correct also almost 170 bugs, which will improve the stability of the browser and address various security issues.

Complete Post

The page for Mozilla Firefox beta releases is here.

catilley1092 · 05-06-2010, 01:20 AM

Well, IE is targeted by this same problem now (remote code execution) Many are adopting Firefox (3.6.3) over it. I, preferring beta products (someone has to try them out & use them) have 3.6.4. This issue appears as though it will never stop, so everyone, stay on your toes. FF with No Script, along with safe computing practices, will help to minimize any damage that these people who are responsible for this are trying to do. People are nuts these days, a couple of days ago, someone joined our forum and posted a command to "increase speed & performance". Turns out that one of the moderators caught on quickly, entering this command & pressing "enter" would destroy the entire Windows files & subfolders. It is sickening to think that someone would post this command on an open forum that's here to help others. I'm staying alert as possible on this issue that the OP brought up, and making efforts to educate others, too. Best wishes to all!

win32sux · 06-04-2010, 02:18 AM

Quote:

Soroush Dalili has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information.

The vulnerability is caused due to the "window.onerror" handler being allowed to read the destination URL of a redirection. This can be exploited to e.g. disclose session-specific query parameters contained in a target URL by referencing a redirecting site via an HTML "<script>" tag.

The vulnerability is confirmed in version 3.6.3 and 3.5.9. Other versions may also be affected.

Secunia Advisory

win32sux · 06-22-2010, 06:41 PM

Firefox 3.6.4 has been released.

It includes many security fixes, several of which are rated as critical.

It also brings with it a new crash-protection feature.

FWIW, Firefox 3.5.10 has also been released.

H_TeXMeX_H · 06-23-2010, 04:53 AM

thanks for the update

win32sux · 06-23-2010, 01:16 PM

Quote:

Originally Posted by H_TeXMeX_H

thanks for the update

No problem. BTW, Secunia released their relevant advisory today.

win32sux · 06-24-2010, 03:00 PM

Quote:

Michal Zalewski has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing attacks.

The vulnerability is caused due to the address bar of a newly opened window displaying the URL of the requested location before the page is loaded. This can be exploited to display arbitrary content in the blank document while showing the URL of a trusted web site in the address bar, e.g. by calling "window.stop()" to abort loading the new page.

The vulnerability is confirmed in version 3.6.4. Other versions may also be affected.

Secunia Advisory

win32sux · 06-26-2010, 10:50 PM

Firefox 3.6.6 has been released.

It doesn't seem like it addresses the vulnerability mentioned in my previous post, though.

H_TeXMeX_H · 06-27-2010, 04:24 AM

well at least they fixed it quick, now I have to compile it again

win32sux · 07-17-2010, 05:38 AM

Quote:

Mozilla launched its security bounty program in 2004 and while the original mission of protecting users by supporting security research has not changed, the security environment has changed tremendously. In recognition of these changes we are updating our security bounty program to better support constructive security research.

For new bugs reported starting July 1st, 2010 UTC we are changing the bounty payment to $3,000 US per eligible security bug.

Complete Post

win32sux · 07-20-2010, 05:29 PM

Both include many security fixes rated critical by Mozilla.

The release notes for 3.6.7 are here.

The release notes for 3.5.11 are here.

win32sux · 07-20-2010, 08:46 PM

Quote:

The Internet Explorer, Firefox, Chrome, and Safari browsers are susceptible to attacks that allow webmasters to glean highly sensitive information about the people visiting their sites, including their full names, email addresses, location, and even stored passwords, a security researcher says.

In a talk scheduled for next week's Black Hat security conference in Las Vegas, Jeremiah Grossman, CTO of White Hat Security, plans to detail critical weaknesses that are enabled by default in the browsers, which are the four biggest by market share. The vulnerabilities have yet to be purged by the respective browser makers despite months, and in some cases, years of notice.

Complete Article

Thanks to Threatpost for covering this.

GazL · 07-21-2010, 04:25 AM

Triggering the input from JavaScript as described in the above article is interesting and something I hadn't considered, but even without the JavaScript angle, those features screamed "BAD IDEA" at me so loudly from the very first that it even penetrated my tin-foil hat. Turning off form input auto-complete, and password saving features is one of the first things I do after installing a browser.

The remote code execution issues in Firefox are much more worrying though. If they can find this many to fix in a single patch, it makes me wonder just how many others are lurking in there.

craigevil · 07-23-2010, 11:37 PM

Firefox 3.6.8 released