Mozilla flaws could allow attacks, data access
Source: CNET News - Posted by Pax Dickinson   
Vendors/Products Multiple vulnerabilities that could allow an attacker to install malicious code or steal personal data have been discovered in the Mozilla Suite and the Firefox open-source browser.

Details of the nine flaws were published on Mozilla's security Web site over the weekend.

Ian Latter, senior security consultant at Internet security specialist Pure Hacking, said most of the vulnerabilities are based on the way the applications handle JavaScript.

"There are some permission issues related to running JavaScript at an escalated privilege level. They remove some of the security measures used to keep JavaScript sandboxed and allow it to potentially do malicious things to your computer," said Latter.

Another issue could allow malicious scripts to gain access to random pieces of memory, he said.

"This random memory may or may not contain pieces of information about where you have been browsing. The worst-case scenario is that it could contain some personal or login information," said Latter.

Read this full article at CNET News

Only registered users can write comments.
Please login or register.

Powered by AkoComment!