PDA

Click to See Complete Forum and Search --> : Another Firefox Vulnerability Reported

Elizabeth
06-07-2005, 12:37 AM
From Secunia, a seven year old browser bug has resurfaced:
http://secunia.com/advisories/15601/


And a test to see if you are vulnerable (which I was, interestingly enough):
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/
planetsim
06-07-2005, 03:39 AM
Doesnt appear to affect 1.0.4

Also vBulletin is stuffing the Link Up, by adding the line break tag and a space in the URL.
Jason Batten
06-07-2005, 04:06 AM
Internet Explorer (http://www.microsoft.com/windows/ie/default.mspx) && phpBB2 (http://www.phpbb.com) :D
planetsim
06-07-2005, 04:14 AM
Originally posted by NetNerd85
Internet Explorer (http://www.microsoft.com/windows/ie/default.mspx) && phpBB2 (http://www.phpbb.com) :D

Hmm..

Internet Explorer
http://secunia.com/product/11/ (20 out of 81 and on highly critical)
Firefox
http://secunia.com/product/4227 (5 out of 18)

So who are you going to take your chances with?

As well as Im currently using PHPBB2 its quite a mess and bug riddled. Which reminds me I should upgrade.
Jason Batten
06-07-2005, 04:21 AM
I'm not parranoid :bemused:

I just like the IE logo better :D

Orange, boo! *strokes his fox fur coat
Weedpacket
06-07-2005, 06:37 AM
Originally posted by planetsim
Doesnt appear to affect 1.0.4 Ditto.
Elizabeth
06-07-2005, 09:58 AM
weird, I'm running 1.0.4 and got me... weird. I'll have to look into that. :glare:
goldbug
06-07-2005, 10:08 AM
Originally posted by Elizabeth
weird, I'm running 1.0.4 and got me... weird. I'll have to look into that. :glare:
It got me as well. 1.0.4 running on OS X 10.3.9

Doesn't seem to affect Safari tho (obviously) :D
dalecosp
06-07-2005, 03:10 PM
Mozilla 1.7.7
Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.7) Gecko/20050428

Oh, well ... it was over a month old, anyway :D
Weedpacket
06-08-2005, 08:21 AM
Originally posted by Elizabeth
weird, I'm running 1.0.4 and got me... weird. I'll have to look into that. :glare: Here's a possibility: are either you or planetsim using the tabbrowser extension? (I guess planetsim will have to answer part of that question.)

I am, and it's configured to open "unresized popups" in tabs; that's where the erstwhile hijacking page opened for me, so I'm guessing it grabbed the event and moved it away from its intended target.
planetsim
06-08-2005, 09:41 AM
Yea I it configured to open new windows in tabs. When opening it in a window Im affected. So unless you new Window you should be fine.
goldbug
06-08-2005, 10:09 AM
Originally posted by goldbug
It got me as well. 1.0.4 running on OS X 10.3.9

No tabbrowser extensions here. (Only WebDev, Adblock, Tidy, Checky, GreaseMonkey)