Author Topic: Added security for Mozilla Firefox 3Beta5  (Read 2029 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Added security for Mozilla Firefox 3Beta5
« on: May 04, 2008, 02:03:00 AM »
Hi malware fighters,

I contemplated the possible vulnerabilities during a recent dom-checker routine for Firefox.
I attached filters.txt, change this into filters.XML to be placed in the main firefox folder next to where are located e.g. blocklist.xml and active-update.xml etc.
After applying :
Content at http://lcamtuf.coredump.cx/dom_checker/ may not load or link to file:///c:/boot.ini.
Content at http://lcamtuf.coredump.cx/dom_checker/ may not load or link to file:////etc/hosts.
Content at http://lcamtuf.coredump.cx/dom_checker/ may not load or link to file:///c:/.
Content at http://lcamtuf.coredump.cx/dom_checker/ may not load or link to file:///etc/hosts.
This with NoScript temporarily allowing  http://lcamtuf.coredump.cx/dom_checker/

enjoy the added security,

polonus

P.S. Read: http://php-ids.org/2007/09/
« Last Edit: May 04, 2008, 02:21:51 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!