Firefox has pop-up blocker flaw in Version 1.5.0.9
By
A flaw in the pop-up blocker of the open-source browser Firefox could allow an attacker to access local files, according to security analysts. No big deal for many enthusiasts as we are running Firefox 2.0.0.1 and not the older 1.5.0.9 version! Update People!
The flaw, however, does not affect Firefox 2.0, the latest version of the browser, but version 1.5.0.9, according to Beyond Security, which credited the find to Michal Zalewski. The attack could occur if a user manually allows a pop-window to appear. The browser normally blocks access to local files, but when a pop-up is manually allowed, “normal URL permission checks are bypassed,” Beyond Security said.
Comments are closed.