Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Mozilla Privacy Leak Reported
Bug hunters report flaw in most browsers based on the open-source technology.
Scarlet Pruitt, IDG News Service
A "serious" privacy leak in Mozilla--and other browsers based on the open-source technology, such as Netscape and Galeon--discloses users' Web surfing information, according to a recent report.
The Mozilla bug has been reported on the Bugtraq mailing list by researcher Sven Neuhaus. He says the newly discovered vulnerability reveals the URL of the page a Web surfer is visiting to the Web server of the last page the user visited. The bug affects Mozilla 1.0, 1.0.1, and 1.1, as well as Mozilla-based browsers such as Netscape 7 and Galeon, Neuhaus said. Older versions of Mozilla could also contain the bug, the researcher added.
A Mozilla representative was not immediately available to comment on the bug. However, an alpha version of Mozilla 1.2--not fingered by Bugtraq as having the flaw--is available from the development group.
Flaw Described
According to the report, the vulnerability occurs not only for links followed on the page, but also for manually entered URLs and bookmarks. The problem originates in the HTTP requests that are launched from a page's "onunload" handler, he said.
Although Neuhaus said that the bug is a couple of months old, he said he was disclosing the vulnerability at this time to prompt a fix.
Mozilla is an open-source development project originally begun by Netscape, which is now part of AOL Time Warner. The open-source development group Mozilla.org released and supports the browser, originally released in June.
The Mozilla technology has been incorporated into AOL's Gecko Web-rendering engine, which is used in the company's Netscape 7 browser, among others.
Mozilla.org invites users to report bugs on its site. A security company voiced concern about a vulnerability that allowed remote viewing of users' systems even in prerelease versions of Mozilla.
Bugs Find Browsers
The leading browser, Microsoft's Internet Explorer, has been dogged with bug reports as well. Microsoft updated IE 6 with the release last week of a Service Pack, which collects a number of bug fixes. It was released in conjunction with SP1 for Windows XP, which plugs a hole that leaves PCs vulnerable when they are connected to the Internet.
Microsoft says its SP1 for IE 6 fixes addresses more than 300 issues with the browser, which first shipped last October with Windows XP. However, some bug hunters say flaws remain, despite the update.
Laptop Showcase
Full Windows 7 coverage
Featured APC Accessories
-
APC Back-UPS ES Safeguards your equipment from damaging surges and spikes that travel along your utility & data lines.
-
APC SurgeArrest Performance Highest level of protection for your professional computers, electronics and connected devices, as well as provides surge protection.
People who read this also read:
Best Prices on Security Software
Norton Internet Security 2010 - 3 UsersPrice: $27.90
Norton 360 Version 3Price: $38.98
Norton Internet Security 2010 - 3 UserPrice: $27.90
Internet Security 2010Price: $24.95
Internet Security 2010Price: $33.54
AntiVirus Plus 2010 - 3 Users (Full Product)Price: $11.95
- 15 Minutes to a Secure Business Get the Secure in 15 toolkit starting with the "15 Minutes Month-at-a-Glance" calendar. McAfee will send you additional tools and tricks to stay protected around the clock.
- A Buyer's Guide to Data Protection Implementing data protection products and processes can be daunting. Make the right decisions by exploring what is available and what makes sense for your organization. Use this simple guide to evaluate different vendor offerings.
