Firefox 2.0.0.13, Sooner Than You Thought

By | February 10, 2008 | 3 Comments

Firefox 2.0.0.13Just a few days ago (with the Firefox 2.0.0.12 release), “Directory Traversal Vulnerability” was supposed to be fixed. However, as it’s noted here, by the guy who discovered new security vulnerability, it wasn’t fully fixed. Here’s a quote from his blog:

Because directory traversal through plugins is all nice and such, we don’t need it. We can trick Firefox itself in traversing directories back.

I found another information leak that is very serious because we are able to read out all preferences set in Firefox, or just open or include about every file stored in the Mozilla program files directory, and this without any mandatory settings or plugins.

Check his post here.

As for now, you may want to install NoScript plugin for Firefox till they are fixing this security issue.

News and Reviews about Your Favorite Web Browser. Subscribe to our RSS Feed.


About (Author Profile)


Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism carrier back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

  • william berkowitz

    Hi,
    Sometime last Fall, 2007, I updated my Firefox to 2.0.0.12. Some time thereafter I started getting a blue screen. This occurred under the following circumstances. I downloaded technical (chemistry) papers from various libraries. After working at this for perhaps an hour+, the download would begin to get very slow, then stall. I would reboot and continue thusly, but presently the blue screen would appear. This problem persisted even after I got some professional cleaning help. I finally discovered that Firefox itself was the culprit, as the problem did/does not occur when I use Internet Explorer (7.0.5730.11). I have looked for blogs which describe this problem, but have found very little which could help.
    Any ideas?

  • AG

    Switch to Opera

  • -V-

    Opera sux, install the beta 4 or 5 of Firefox 3.

«
»