- Recommend:
- 0 Comments
Mozilla Privacy Leak Reported
Bug hunters report flaw in most browsers based on the open-source technology.
A "serious" privacy leak in Mozilla--and other browsers based on the open-source technology, such as Netscape and Galeon--discloses users' Web surfing information, according to a recent report.
The Mozilla bug has been reported on the Bugtraq mailing list by researcher Sven Neuhaus. He says the newly discovered vulnerability reveals the URL of the page a Web surfer is visiting to the Web server of the last page the user visited. The bug affects Mozilla 1.0, 1.0.1, and 1.1, as well as Mozilla-based browsers such as Netscape 7 and Galeon, Neuhaus said. Older versions of Mozilla could also contain the bug, the researcher added.
A Mozilla representative was not immediately available to comment on the bug. However, an alpha version of Mozilla 1.2--not fingered by Bugtraq as having the flaw--is available from the development group.
Flaw Described
According to the report, the vulnerability occurs not only for links followed on the page, but also for manually entered URLs and bookmarks. The problem originates in the HTTP requests that are launched from a page's "onunload" handler, he said.
Although Neuhaus said that the bug is a couple of months old, he said he was disclosing the vulnerability at this time to prompt a fix.
Mozilla is an open-source development project originally begun by Netscape, which is now part of AOL Time Warner. The open-source development group Mozilla.org released and supports the browser, originally released in June.
The Mozilla technology has been incorporated into AOL's Gecko Web-rendering engine, which is used in the company's Netscape 7 browser, among others.
Mozilla.org invites users to report bugs on its site. A security company voiced concern about a vulnerability that allowed remote viewing of users' systems even in prerelease versions of Mozilla.
Bugs Find Browsers
The leading browser, Microsoft's Internet Explorer, has been dogged with bug reports as well. Microsoft updated IE 6 with the release last week of a Service Pack, which collects a number of bug fixes. It was released in conjunction with SP1 for Windows XP, which plugs a hole that leaves PCs vulnerable when they are connected to the Internet.
Microsoft says its SP1 for IE 6 fixes addresses more than 300 issues with the browser, which first shipped last October with Windows XP. However, some bug hunters say flaws remain, despite the update.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
-
Speed Up Everything!
PCWorld shows you the secrets to improve performance on all your hardware.
-
Become an Android authority
Play music or games, run productivity apps and essential utilities.
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
- Firefox 12 Tab Features May Have Been Prematurely Hyped
- Which Browser Has Your Back? That Would Be Firefox
- Is Mozilla's Firefox 5 a More Stable Browser Than Its Predecessor?
- Chrome Is Most Secure of the Top Three Browsers, Study Finds
- 9000 Good Reasons to Upgrade to Firefox 7.0.1
- Firefox Leaps Ahead With Versions 6, 7, and 8
- Firefox Update Fixes Three Critical Flaws
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.



















