Results 1 to 3 of 3

Thread: Mozilla offers temporary fix for Firefox flaw

  1. #1
    T̙͓̞̣̯ͦͭͅͅȂͧͭͧ̏̈͏̖̖Z̿ ͆̎̄
    Join Date
    Dec 2004

    Mozilla offers temporary fix for Firefox flaw

    Responding to the disclosure of a serious Web browser flaw, the Mozilla Foundation offered on Friday a temporary fix to protect Firefox and Mozilla users.

    The downloadable fix protects against attacks that take advantage of a new, unpatched flaw that could let attackers secretly run malicious software on users' PCs. The flaw was disclosed late Thursday by security researcher Tom Ferris, sending Mozilla staff into damage-control mode.

    The problem has to do with the way the Firefox and Mozilla browsers handle International Domain Names, or IDNs, said Mike Schroepfer, director of engineering at Mozilla. IDNs are domain names that use local language characters. The fix disables support for such Web addresses, he said.
    Mozilla offers temporary fix for Firefox flaw | CNET News.com

    CNET's download link didn't go anywhere for me so here's a link to the download just in case...

    What Firefox and Mozilla users should know about the IDN buffer overflow security issue

  2. #2
    Senior Member BrainStop's Avatar
    Join Date
    Jan 2002
    Hi Egaladeist,

    Thanks for the link. I liked the option to manually configure the workaround. It got me to dig some deeper into Firefox and improve my knowledge level that way.


    "To estimate the time it takes to do a task, estimate the time you think it should take, multiply by two, and change the unit of measure to the next highest unit. Thus we allocate two days for a one-hour task." -- Westheimer's Rule

  3. #3
    Join Date
    May 2003
    BrainStop... everyone always says that open source is so great because you can just make the changes you want... so why don't you just fix the problem yourself and screw the workaround crap?



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts