Help answer threads with 0 replies.
Go Back > Forums > Linux Forums > Linux - News > Syndicated Linux News
User Name
Syndicated Linux News This forum is for the discussion of Syndicated Linux News stories.


  Search this Thread
Old 07-23-2007, 05:16 PM   #1
LXer NewsBot
Registered: Dec 2005
Posts: 95,657

Rep: Reputation: 96
LXer: Password vulnerability in Firefox

Published at LXer:

According to a message posted over the weekend on the Full-Disclosure mailing list, the latest version of Firefox,, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw.

Old 07-23-2007, 05:35 PM   #2
Registered: Dec 2005
Location: Portugal
Distribution: Slackware64 13.0, Slackware64 13.1
Posts: 538

Rep: Reputation: 62
Yep, thats why its nice to always have NoScript installed...
Old 07-23-2007, 05:41 PM   #3
LQ Guru
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 124Reputation: 124
This "vulnerability" seems hugely out of proportion to me. It would have to be on a site to which you've already submitted credentials. It does not seem to be exploitable across sites, and does not reveal your entire password store. In other words, a site can get its own stored password.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Vulnerability found in Firefox extension, Google toolbar LXer Syndicated Linux News 0 06-06-2007 02:16 AM
LXer: This week at LWN: The Firefox password manager vulnerability LXer Syndicated Linux News 0 12-06-2006 01:21 PM
LXer: Firefox password manager is not secure LXer Syndicated Linux News 0 11-23-2006 08:21 AM
LXer: Cross platform javascript vulnerability leaves IE, Firefox open LXer Syndicated Linux News 0 06-08-2006 05:21 AM
Vulnerability in Firefox 1.0.4 / Mozilla 1.7.8 win32sux Linux - Security 24 09-09-2005 05:23 PM > Forums > Linux Forums > Linux - News > Syndicated Linux News

All times are GMT -5. The time now is 01:09 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration