Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Security

Submission + - Critical flaw in current Firefox discovered

HuckleCom writes: F-Secure has a blog post regarding the latest version of Firefox and a vulnerability that allows malicious javascript code to manipulate any of your cookies.

From the Blog: "There's a new bug reported in the way Firefox handles writes to the 'location.hostname' DOM property. The vulnerability could potentially allow a malicious website to manipulate the authentication cookies for a third-party site."

From what I can recollect, this seems to be the first vulnerability discovered in the actual current version of Firefox — at least for a good long time.

Thus spake the master programmer: "When a program is being tested, it is too late to make design changes." -- Geoffrey James, "The Tao of Programming"

Working...