
Firefox vulnerability leaves cookies exposed


On February 14, 2007, 8:55 PM EST

A cookie-management vulnerability has been discovered in Firefox. While not a critical flaw in terms of immediate impact, it is dangerous because it could lead to spoofing or to the compromise of data such as usernames. A malicious site could use it to trick a user:

By injecting a text string that includes "x00," normal safeguards can be bypassed, allowing the browser to be fooled about the origin of a domain trying to set or modify a cookie. The sleight of hand makes a victim's browser appear to be talking to trustedbank.com when in fact it is receiving data from evilhackers.com.

It affects versions up to 2.0.0.1, and the linked article contains demonstrations. It has already been reported in Bugzilla, and hopefully the Mozilla dev team will release a patch soon.
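
A minimal C illustration of the class of bug the quoted passage describes, added here and not taken from the article or from Mozilla's code. It assumes the mismatch arises because one component treats the hostname as a length-counted buffer while another stops at the first zero byte, which the article does not spell out; the function names and the sample buffer are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed sample: the article's two example names joined by a zero byte. */
static const char SAMPLE[] = "evilhackers.com\0.trustedbank.com";
#define SAMPLE_LEN (sizeof(SAMPLE) - 1)

/* Length-aware suffix match, as a cookie-domain check might do it.
   It inspects only the tail of the buffer, never the bytes before it. */
static int suffix_match(const char *host, size_t len, const char *domain) {
    size_t dlen = strlen(domain);
    if (len < dlen) return 0;
    if (memcmp(host + len - dlen, domain, dlen) != 0) return 0;
    return len == dlen || host[len - dlen - 1] == '.';
}

/* Length of the same buffer as seen by any NUL-terminated consumer. */
static size_t cstring_len(const char *host, size_t len) {
    const char *nul = memchr(host, 0, len);
    return nul ? (size_t)(nul - host) : len;
}

/* Hardened gate: accept only bytes from the DNS hostname alphabet, so an
   embedded 0x00 (or any control byte) is rejected before any comparison. */
static int hostname_is_valid(const char *host, size_t len) {
    if (len == 0 || len > 253) return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)host[i];
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '-' || c == '.';
        if (!ok) return 0;
    }
    return 1;
}

/* Validate first, then compare: both views of the host now agree. */
static int cookie_domain_allowed(const char *host, size_t len, const char *domain) {
    return hostname_is_valid(host, len) && suffix_match(host, len, domain);
}

int main(void) {
    printf("suffix check alone : %d\n", suffix_match(SAMPLE, SAMPLE_LEN, "trustedbank.com"));
    printf("C-string view      : %.*s\n", (int)cstring_len(SAMPLE, SAMPLE_LEN), SAMPLE);
    printf("validated check    : %d\n", cookie_domain_allowed(SAMPLE, SAMPLE_LEN, "trustedbank.com"));
    return 0;
}
```

The unvalidated suffix check accepts the buffer while a NUL-terminated consumer sees only the first name; validating the full length-counted buffer first removes the disagreement.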


User Comments (3)

canadian
on February 14, 2007
11:00 PM
Do news items like this mean Firefox is horrible because of all these security holes, or it's great because whenever a hole is found, it makes the news?


kitty500cat
on February 15, 2007
9:55 AM
In the related stories, it says flaws discovered in IE. No joke. Firefox is still more secure, I guess, maybe cuz it's slightly less used and thus less targeted.


Soul Harvester
on February 15, 2007
4:44 PM
Originally posted by canadian: "Do news items like this mean Firefox is horrible because of all these security holes, or it's great because whenever a hole is found, it makes the news?"

It's called coverage. With the millions upon millions of Firefox users, do you think all of them have a newsletter subscription that alerts them when they should update, or that every single FF user has automated updating turned on? People like to hear about these things because it keeps them informed about something very relevant to a typical desktop user. If there is a flaw found in Opera, IE, Firefox, Konqueror, Safari or any other browser worthy of note that could leave data vulnerable, we'll talk about it.
