Thursday, April 17, 2014
Search
  
Wednesday, December 14, 2005
 Mozilla Warns of Firefox Flaw
You are sending an email that contains the article
and a private message for your recipient(s).
Your Name:
Your e-mail: * Required!
Recipient (e-mail): *
Subject: *
Introductory Message:
HTML/Text
(Photo: Yes/No)
(At the moment, only Text is allowed...)
 
Message Text: Mozilla has warned users of a flaw in its newest browser, Firefox 1.5 that, after visiting sites with long domain names, could make it seem like their computer has crashed.

The flaw, though, doesn't make users vulnerable to attacks, reckons the open source company, despite issuing a security advisory warning on Sunday.

According to Mozilla, the problem could cause a buffer overflow error but will cause no lasting damage to the application. It also ruled out the possibility of denial-of-service attacks.

The problem, which the company says is very easy to fix, causes pages with very long titles to be processed so slowly by Mozilla that the browser seems to hang every time it is started.

To correct the problem, the offending site must be removed from the browser's history file, or the history folder must be cleared.

They had "issued a security advisory on a temporary start-up unresponsiveness caused by web pages in a browser history with extremely long titles", the company said in a statement. "If a user encounters this problem, the slow start can be fixed by clearing the browser history."

The company found there was no danger of a buffer overflow, which would have made computer's using the browser vulnerable to crashing.

"We can find no basis for claims that variants of this denial-of-service attack can cause an exploitable crash," said the company in its advisory. "There does not appear to be any risk to users or their computers beyond the temporary unresponsiveness at startup."

No release date has been set for a fix.
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .