Avast WEBforum
Other => General Topics => Topic started by: polonus on November 01, 2006, 01:24:27 PM
-
Hi malware fighters,
We could have waited for it, now it is here, a hole in FF 2.0. Only able to crash the browser now, look here:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5633
A proof of concept: http://werterxyz.altervista.org/Firefox2Range.htm
(Does not work with NoScript enabled, people do not know what a gigantic protection can be achieved by installing the NoScript add-on for FF or Flock).
polonus
-
Already posted by Cloussau here:
http://forum.avast.com/index.php?topic=24536.45
-
Yes, NoScript is very handy for these and any other script attacks when you arrive at an unknown site.
-
And its a MultiPlatform bug as it crashes the Mac version too
-
Firefox has roughly 10% of the browser market, and it's well known, that it is used heavily by computer savvy folks. I wonder how many of those users aren't using NoScript? Kind of a non-starter don't ya think? ;)
Edit: Typo
-
Update on the story:
http://news.com.com/Another+denial-of-service+bug+found+in+Firefox+2/2100-1002_3-6131624.html?tag=cd.top
-
Update on the story:
http://news.com.com/Another+denial-of-service+bug+found+in+Firefox+2/2100-1002_3-6131624.html?tag=cd.top
Release of the new Web browsers set off a race among bug hunters to come up with the first security hole in either program.
So far, though, none of the reported flaws could be exploited to hijack a PC running the browser, the most serious type of vulnerability.
That's actually when a flaw becomes a security breach. Everything else is simply an annoyance. IMHO :)
-
That's actually when a flaw becomes a security breach. Everything else is simply an annoyance. IMHO :)
Frankly, that's one of your "opinions" that ought to be etched in stone!
;D
Edit: Typo
-
This is a bit off topic to this subject, but very interesting to see how unreadable this page is without NoScript running:
http://www.castlecops.com/t159501-suggest_a_firewall.html
All those google advertisements.
Many other forums are also much better to read with disabling them to have javascript.
Avast forum of course is an exception.
-
I have been using NoScript for so long, that I didn't realize there were so many adds without it!!!
(http://smileys.sur-la-toile.com/repository/Grands_Smileys/dinosaure-t-rex.gif)
Ro Ro 8)
-
Yes roro.
I don't use adblock or proxomitron or any, but NoScript basically keeps my internet surfing less flashing and advert free :)