Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Advisories

Advisories

Firefox under Attack, No Solution Available yet!

Most Firefox versions contain a new vulnerability

By Bogdan Popa, Security and Search Engines Editor

4th of January 2008, 10:43 GMT

Adjust text size:


Firefox on Softpedia.com
Enlarge picture
We all know it, Firefox is one of the most popular web browsers ever designed. Moreover, some people say the Mozilla browser is the most secure application in its category, having safer features that Internet Explorer, the program built by the Redmond software giant, Microsoft. However, a new vulnerability has been discovered in Mozilla Firefox and, at the time of writing
this article, no official solution has been released. SecurityFocus published an advisory entitled "Mozilla Firefox 'Basic Realm' Basic Authentication Header Spoofing Vulnerability", saying that it affects most versions of the browser including 2.0.0.11.

"Mozilla Firefox is prone to an HTTP basic authentication domain-spoofing vulnerability. Attackers may exploit this vulnerability via a malicious webpage to spoof the origin of an HTTP basic authentication dialog that the victim may trust. Attackers may find this issue useful in phishing or other attacks that rely on content spoofing. Firefox 2.0.0.11 is vulnerable; other versions may also be affected", SecurityFocus wrote in the notification.

Since there's no official solution to avoid a potential exploitation of the vulnerability, let's try to find one that may keep you on the safe side, until Mozilla rolls out a patch or an updated version of the browser. SecurityFocus writes that "To exploit this issue, an attacker must entice an unsuspecting user to visit a maliciously crafted webpage."

So, the attackers need a crafted webpage that would be able to take advantage of the Firefox vulnerability. Well, in case you're one of those addicted Firefox users and you don't want to abandon your browser, you can always avoid visiting malicious websites that may attempt to exploit the flaw.

If you want to download the latest (or just another) version of the Mozilla Firefox browser, you can take it straight from Softpedia using the following link.

TAGS:

 mozilla | firefox | browser | security | vulnerability


Rating:
Good (3.2/5) 5 vote(s) so far    

Read by 698 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Internet Explorer 7 No Match for Firefox 2.0

More Windows Vista Love from Firefox 2.0

Mozilla Cooks the Mobile Flavor of Firefox

Will Firefox 2.0 Extensions Be Compatible with Firefox 3.0?

Firefox 3.0 Beta 2 Available for Download

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive