also @ TechSpot: Lenovo sees huge increase in PC sales as rest of industry declines

Flaws discovered in IE, Firefox could lead to data compromise

By Justin Mann

On February 12, 2007, 8:36 PM

In a fairly rare event, two flaws have been simultaneously discovered that affect the two most popular browsers in the world in similar fashions. Internet Explorer version 6 and possibly 7 is affected by one flaw, and Firefox 1.5/2.0 is affected by another. Both of the vulnerabilities are based in the browsers ability to upload files to a remote location and could end up resulting in sensitive data being stolen. It is a long shot, though, requiring someone to visit a malicious site and can't it can't just pull arbitrary files out of anywhere. It can, however, be used to steal encrypted password files or other well-known files.

There are two demonstrations linked, one for IE and one for Firefox, that shows how the vulnerability works. Now it will be interesting to see who gets a patch out the door first, Microsoft or Mozilla.

No tags on this story

1 comment

User Comments: 1

Got something to say? Post a comment
  1. February 13, 2007 5:22 PM
    nathanskywalker said:
    [quote]The vulnerability resides in the functionality that allows the browsers to upload files to a remote server. It requires a victim to visit a booby-trapped website and enter text with certain characters in a comment interface or other input field.[/quote]So, it's not a widespread problem, yet. That's nice..[quote]steal encrypted password files[/quote]The answer to this is simple: Don't keep you passwords on your pc . Of course, if you can't remember 20 different passwords, password storage can make things far less...difficult.
    Reply

Recently commented stories

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Smartphones

Downloads and Drivers

Downloads   Drivers  

KiTTY 0.62.2.3

mIRC 7.32

Actual Bookmarks 1.2

World of Warcraft Patch 5.3.0

Funny Photo Maker 2.4.1

More Downloads

Latest Discussion

No monitor signal 67 replies on Audio and Video

Need a 5.1 speaker system with USB input 8 replies on Audio and Video

Upgrading my computer 7 replies on Processors and Motherboards

Nvidia geforce 315m? 5 replies on Audio and Video

Need advice for upgrade 5 replies on Audio and Video

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.