April 19, 2005

Unholy trio menace Firefox

A bug that allows hackers to inject JavaScript code in link tags supporting "favicons" and a Mozilla-specific flaw which allows the execution of arbitrary code remotely via the Firefox side bar both pose a severe risk after they were recently coded up in script-kiddie friendly exploits. A third critical security bug - affecting versions of the browsers prior to Firefox 1.0.3 and Mozilla 1.7.7 - involves privilege escalation via DOM (Document Object Model) property overrides.

Link: The Register

Click Here!