Tuesday, February 07, 2012
Register  Login
  Our sponsors   
  Users currently online   
Membership Membership:
Latest New User Latest: kevin
New Today New Today: 0
New Yesterday New Yesterday: 0
User Count Overall: 56
People Online People Online:
Visitors Visitors: 4
Members Members: 0
Total Total: 4
Online Now Online Now:
Periwinkle Communications
Viruswarn banner
you are here: Forums  Search

Welcome to the Viruswarning forums.  All your original content has been ported to the new forums as  well as new content and additional opportunities to interact with the authors of Viruswarn.com.  You can always access old content at www.leedrake.com/forum .  You may find some formatting was lost in the conversion and the older versions of the posts to be more readable....

But at least it's all here.

Enjoy!
  Viruswarn Forums
Forums > Viruswarning Forum > Viruswarning archive
Subject: Firefox 1.5 bug released

You are not authorized to post a reply.   
Author Messages
Lee Drake
Posts:238
12/12/2005 7:45 AM  
What it is An unpatched bug in Firefox now currently has a full explanation and exploit code published. The flaw allows a specially crafted website title to make Firefox appear to crash and make it slow to start up until a file is manually deleted or edited. Although the flaw doesn't allow a remote user to take over your computer it could make the browser not function, or function poorly. Firefox and the security company have labeled this issue as a "Flaw in the browser" resulting in a "denial of service" condition. What you should do If you don't use Firefox you don't need to do anything. If Firefox is on your system, until a patch becomes available be careful about what sites you visit. Known sites should never have this problem but potentially sites that you surf onto from google, links in email, or other such sites could have the specially crafted code on them. There is no way to identify such sites in advance of browsing them. If you haven't already updated to version 1.5 you should update immediately - all previous versions have this and other vulnerabilities and version 1.5 has an update capability built into the "help" menu that makes it easier to patch once a patch is released. In the meantime you can work around this by setting the number of days to save history to zero. To do this choose tools/options/Privacy icon/History Tab. You should also change your privacy settings to delete personal info when you exit firefox. Note that this workaround may also delete useful information - you must balance the risk vs the utility of this workaround. If your browser does crash, or is extremely sluggish on startup the likely cause is this flaw. To correct the problem and renew functionality you must delete the History.DAT file from your firefox install, or - if your browser will start up - delete the history from the Firefox menu. In a default installation this file can be located using the following procedure (Based on operating system): http://www.mozilla.org/support/firefox/edit#profile Further references Vulnerability info from SANS: http://isc.sans.org/diary.php?storyid=920 Mozilla response: http://www.mozilla.org/security/history-title.html Mozilla profile finder instructions: http://www.mozilla.org/support/firefox/edit#profile This concludes this viruswarning notice. Lee Drake OS-Cubed, Inc. 274 North Goodman St. Suite A401 Rochester, NY 14607 Phone: Cell: 585-509-0284 Fax: 585-242-9441 www.os-cubed.com ldrake@os-cubed.com
You are not authorized to post a reply.
Forums > Viruswarning Forum > Viruswarning archive > Firefox 1.5 bug released


ActiveForums 3.6
  Register or Login


Forgot Password ?
Copyright 2006 by OS-Cubed, Inc.   Terms Of Use  Privacy Statement