also @ TechSpot: Sony patent aims to put content-interrupting commercials in video games

Mozilla prepares fix for Firefox's flat add-on vulnerability

By

On January 31, 2008, 4:39 PM EST

A Firefox security flaw originally judged to be of low severity has been upgraded to high, but Firefox 2.0.0.12 “which will be available shortly,” according to the Mozilla Security Blog, will include a fix for the problem.

The vulnerability, known formally as the “chrome protocol directory transversal,” concerns the so-called ‘flat’ add-ons that store their components in multiple files instead of using a single .jar file. A flaw in the way the program handles the chrome protocol could allow an attacker to retrieve data from a compromised system.

The vulnerability is not within the browser, according to Mozilla’s chief of security Window Snyder, but in how the extensions are written. You can check out a list of affected extensions at Mozilla’s website while you wait for the next Firefox update.

Related Stories

No tags on this story

Post a comment

Post a new comment

Guest user

To post as an anonymous
user click here.

Members

If you are a TechSpot member,
please login first.


By signing up you gain complete access to the TechSpot community. Join thousands of computer and technology enthusiasts that contribute and share knowledge in our forum. Post messages, get a private inbox, upload your own photo gallery and more.

Most Popular

Trending Featured
More Trending Topics

Editors' Storage Picks

Downloads & Drivers

Downloads   Drivers  

GMABooster 2.1a

HaoZip 2.8

Defraggler 2.10.413

The Cleaner 2012 8.1.0.1110

WinISO 6.2.0.4526

More Downloads

Related Discussion

Set back to factory settings

Effective Air Cooling Guide (Part II) - Myths, Old Rituals, and Analysis

Microsoft Security Essentials won't do a full scan

Problem with power supply

[UDK] Critical Point - Incursion

More at the Forums

Subscribe to TechSpot

Get free exclusive content, learn about new features and tech breaking news.