Home › News › Industry News

Mozilla prepares fix for Firefox's flat add-on vulnerability

On January 31, 2008, 4:39 PM

A Firefox security flaw originally judged to be of low severity has been upgraded to high, but Firefox 2.0.0.12 “which will be available shortly,” according to the Mozilla Security Blog, will include a fix for the problem.

The vulnerability, known formally as the “chrome protocol directory transversal,” concerns the so-called ‘flat’ add-ons that store their components in multiple files instead of using a single .jar file. A flaw in the way the program handles the chrome protocol could allow an attacker to retrieve data from a compromised system.

The vulnerability is not within the browser, according to Mozilla’s chief of security Window Snyder, but in how the extensions are written. You can check out a list of affected extensions at Mozilla’s website while you wait for the next Firefox update.

No tags on this story

Next Article: Spam company Member Source Media settles with FTC

TechSpot on:

Most Popular

Trending

Featured

Featured on Cases

Downloads and Drivers

MessageMe for Android 1.0.11

More Downloads

Latest Discussion

Monitor - No display when i put my HD6670 into motherboard 5 replies on Audio and Video

How did my Windows key become disabled? 15 replies on Other Hardware

Screen saver stop working after installing Norton 12 replies on Software Apps

Need advice on router-buy 5 replies on Storage and Networking

Windows load screen at boot, looong black screen, then normal startup 61 replies on Windows OS

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.

TechSpot

Welcome to TechSpot

Home › News › Industry News

Mozilla prepares fix for Firefox's flat add-on vulnerability

Next Article: Spam company Member Source Media settles with FTC

Post a new comment

TechSpot on:

Most Popular

GeForce GTX 780 Review: The Titan Descendant

OCZ Vertex 450 Review: Vector-like Performance For Less

Xbox One: Entertainment hub first, gaming console second - but can it disrupt TV?

Metro: Last Light Tested, Benchmarked

Microsoft officially announces Xbox One: here's what we know so far

OCZ Vertex 450 SSD Review

Nvidia GeForce GTX 780 Review

Xbox One: Entertainment Hub First, Gaming Console Second -- But Could It Disrupt TV?

Metro: Last Light Performance, Benchmarked

Building a Thin Mini-ITX PC: Small and Silent Performance

Featured on Cases

92 Cooler Master HAF XB

88 SilverStone Sugo SG09

88 Cooler Master Silencio 650

88 SilverStone Fortress FT03

83 Corsair Vengeance C70

Downloads and Drivers

Latest Discussion

Subscribe to TechSpot

Featured Tech Content - Inside TechSpot

	Social Login & Guest Posting Post as anonymous user			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.