Re: Firefox Javascript information disclosure
From: Michael Pelletier (mjpelletier_at_mjpelletier.com)
Date: 04/10/05
- Next message: donnie: "Re: Who"s sending the cookies?"
- Previous message: Michael Pelletier: "Re: Firefox Javascript information disclosure"
- In reply to: winged: "Firefox Javascript information disclosure"
- Next in thread: winged: "Re: Firefox Javascript information disclosure"
- Reply: winged: "Re: Firefox Javascript information disclosure"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 10 Apr 2005 01:06:04 -0700
winged wrote:
> Folks know I am a Firefox fan, however folks should be aware there is a
> new information disclosure bug in Firefox that is rated moderately
> critical. Looking at the bug I can see why it may be considered so
> however I believe the information disclosed would probably be minor,
> haven't seen a bug fix outside of disabling Java scripting. There is
> more here along with a test that shows you the memory dump it can provide.
>
> http://secunia.com/advisories/14820/
>
> Winged
A few notes. Do not get freaked out remember a couple of things:
1) The info leak will only display a small fragment of YOUR memory (ie your
processes) not the system's (privileged memory)
2) It is such a small fragment the chances of it revealing something
remotely interesting is almost nil.
In either case a patch is due to come out in a couple of days...
Michael
-- "Microsoft isn't evil, they just make really crappy operating systems." - Linus Torvald
- Next message: donnie: "Re: Who"s sending the cookies?"
- Previous message: Michael Pelletier: "Re: Firefox Javascript information disclosure"
- In reply to: winged: "Firefox Javascript information disclosure"
- Next in thread: winged: "Re: Firefox Javascript information disclosure"
- Reply: winged: "Re: Firefox Javascript information disclosure"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
