News

Firefox threatened by malicious code

Antony Savvas

Exploit code to crash the open source Firefox browser has surfaced on the internet. The code is designed to take advantage of a bug in the history.dat file of the recently launched Firefox 1.5 browser.

The history.dat file stores information from websites which the user has visited using Firefox. Users who visit a malicious site loaded with the code could find that their browser will crash.

The flaw has been reported by the SANS Institute’s Internet Storm Centre, although the security implications of the flaw have not been confirmed by the Mozilla Foundation, which distributes Firefox.

It has been suggested by the Internet Storm Centre that the flaw could lead to a malicious execution of code on an affected user’s machine, but Mozilla says there is no evidence of this.

But to be able to start up their browser again, affected users have to manually clear out their browser’s history.dat file.

 

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy