TechSpot

Welcome to TechSpot     
Join now  |  Login  | About     

Home Reviews Guides Downloads Drivers Forums
TechSpot Pricewatch TechSpot Hot Deals
Windows Startup Radar Tips & Tricks (blog) Guides & Tweaks Windows updates
News Archive TechSpot Blog TechSpot RSS Feeds User Picture Gallery Techspot's IRC# (Chat) TechSpot in Spanish
 

Lawmakers concerned over Charter's plans to alter ads
Asus C90S Laptop Barebones review @ TechSpot
Samsung touts AMOLED laptop concept
EU warns Google over Street View
Third-party fix for XP SP3 reboots published
News from around the web (05/16/08)
View last 50 headlines
View last commented

Mozilla Firefox 3.0 Release Candidate 1
LEGO Indiana Jones: The Original Adventures Demo
Belarc Advisor 7.2.24.4
NetInfo 6.5 (Build 515)
NetGong (Formerly IPMonitor) 6.5 (Build 515)
MediaCoder 0.6.1.4106
Defraggler 1.01.073 Beta
More Downloads

Samsung SH-S182D Firmware v SB07
Samsung SH-S203B Firmware v SB04
nVIDIA ForceWare WHQL Drivers v 175.16 for Windows XP / MCE
nVIDIA ForceWare WHQL Drivers v 175.16 for Windows XP 64-bit / Server 2003
nVIDIA ForceWare WHQL Drivers v 175.16 for Windows Vista
Latest 50 drivers



Make homepage

Add to Favorites

IRC #3dspotlight

TS in Spanish

 
Password vulnerability in Firefox 2.0.0.5?
By Justin Mann, TechSpot.com
Published: July 23, 2007, 12:07 PM EST




Password vulnerability in Firefox 2.0.0.5? A very short time after Mozilla released an update for Firefox to combat security issues brought about by IE, it seems they are already combating yet another flaw. The newly-discovered but not likely new flaw could potentially result in having a password stolen:

”...the latest version of Firefox, 2.0.0.5, contains a password management vulnerability that can allow malicious Web sites to steal user passwords. If you have JavaScript enabled and allow Firefox to remember your passwords, you are at risk from this flaw.”
On top of Firefox, it seems that Safari is vulnerable in the same way. Being compromised in such a fashion requires certain things to be true, such as the site in question enabling JavaScript (and the site trying to steal your password to begin with). With JavaScript disabled, the flaw can't be exploited.

There is a demo of the flaw available in which you can check to see if you are vulnerable. It seems that some are questioning whether the “flaw” really is such, and whether it should be fixed at all, since certain pages could steal passwords with or without the built-in password manager's help.

 

[ There is 1 additional user comment, Post a Comment | Send to a friend ]

Posted by HarryW on July 24, 2007 at 7:14 PM
Install FireFox plugin "Secure Login 0.8.1.2" (https://addons.mozilla.org/en-US/firefox/addon/4429). It seems to protect the passwords

Please login or register to submit your comment.

Upon registering you will gain complete access to the TechSpot community and join the thousands of computer and technology enthusiasts that share knowledge in our forum. You will be able to post messages, get a private inbox, upload your own photo gallery and more.

Add your comment:

Disable smilies in this post.
Disable block tag code.
Add [url] tag at URLs.


  TechSpot Pricewatch - Computer & Electronics Prices updated everyday

-
Search:    for    

You can also browse through categories in our online price guide, among the available categories: Retail & OEM Processors - Video Cards - Motherboards - Memory - Soundcards - Hard Drives - Monitors - Printers - DVDs - CD-RWs - PDAs and more !

  TechSpot  The PC Enthusiast Resource    |    News    |    Reviews    |    Guides    |    Downloads    |    Drivers    |    Forums    |    Pricewatch    |    News Archive    |    RSS Feeds

  Our Blog    |    Tech Deals    |   vb Sitemap    |    User Gallery    |    Startup Radar    |    Icons by Foood    |    Powered by StoryTeller    |    TechSpot in Spanish


  Copyright © 1998-2008 TechSpot.com. TechSpot is a registered trademark. All Rights Reserved. Privacy policy.

Advertising | About TechSpot