BetaONE will rise again!


Reply
  #1  
Old 26th Jul 07, 03:01 PM
NewsBot's Avatar
NewsBot NewsBot is offline
Senior Member
 
Join Date: Oct 2004
Posts: 30,940
NewsBot will become famous soon enough
Mozilla flaw attack code published
Mozilla is working on patching its Firefox browser after a hacker posted details of a flaw that could let criminals run unauthorized software on a victim's machine. The flaw lies in Firefox's URL handler component, which was the source of another bug Mozilla disclosed Tuesday. This second flaw was disclosed Tuesday by Billy Rios and Nathan McFeters, security consultants with Verisign and Ernst & Young respectively.

Like the first flaw, this one could be exploited by attackers to launch programs on the victim's PC without authorization, said Tyler Reguly, a security research engineer at nCircle Network Security. "They're both related to the URL handling process," he said "It's just different errors within that handling process." Even though the code posted by Rios and McFeters can only be used to launch software that is already installed on a victim's PC, it could be very dangerous if used by criminals, Reguly said. "It's still letting you run any program that exists on the user's computer," he said. "You can make it do some fairly bad things. For example, having it use command-line FTP to download a malicious file off a server somewhere and then execute that file."

View: The full story
News source: InfoWorld

Read full story...



More...
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Microsoft's August Security Updates NewsBot ieXbeta News 0 10th Aug 06 04:30 AM
Exploit Code Published for Windows Worm Hole NewsBot NeoWin News 0 25th Jul 06 11:30 AM
Attack code out for Apple flaw NewsBot NeoWin News 0 29th Jun 06 11:00 PM
Attack code comes on heels of Microsoft patches NewsBot NeoWin News 0 15th Jun 06 03:00 PM
Attack Targets Mozilla NewsBot NeoWin News 0 14th Dec 05 12:30 AM


All times are GMT +1. The time now is 08:14 PM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.