Register a domain and help support LQ
Go Back > Forums > Linux Forums > Linux - News > Syndicated Linux News
User Name
Syndicated Linux News This forum is for the discussion of Syndicated Linux News stories.


  Search this Thread
Old 07-23-2007, 04:16 PM   #1
LXer NewsBot
Registered: Dec 2005
Posts: 81,922

Rep: Reputation: 87
LXer: Password vulnerability in Firefox

Published at LXer:

According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox,, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw.

Old 07-23-2007, 04:35 PM   #2
Registered: Dec 2005
Location: Portugal
Distribution: Slackware64 13.0, Slackware64 13.1
Posts: 538

Rep: Reputation: 62
Yep, thats why its nice to always have NoScript installed...
Old 07-23-2007, 04:41 PM   #3
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 122Reputation: 122
This "vulnerability" seems hugely out of proportion to me. It would have to be on a site to which you've already submitted credentials. It does not seem to be exploitable across sites, and does not reveal your entire password store. In other words, a site can get its own stored password.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Vulnerability found in Firefox extension, Google toolbar LXer Syndicated Linux News 0 06-06-2007 01:16 AM
LXer: This week at LWN: The Firefox password manager vulnerability LXer Syndicated Linux News 0 12-06-2006 12:21 PM
LXer: Firefox password manager is not secure LXer Syndicated Linux News 0 11-23-2006 07:21 AM
LXer: Cross platform javascript vulnerability leaves IE, Firefox open LXer Syndicated Linux News 0 06-08-2006 04:21 AM
Vulnerability in Firefox 1.0.4 / Mozilla 1.7.8 win32sux Linux - Security 24 09-09-2005 04:23 PM

All times are GMT -5. The time now is 03:03 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration