September 9th, 2005

Neko (lofulah)

Firefox/Netscape security flaw

http://blogs.washingtonpost.com/securityfix/2005/09/firefox_netscap.html

A security researcher has uncovered serious security holes in the latest versions of the Firefox, Mozilla Suite and Netscape Web browsers, flaws that could allow attackers to break into computers if users visit a specially crafted Web site or click on a malformed link in an e-mail, for example.

Bad guys are almost certain to take advantage of this flaw, if for no other reason than it is extremely easy to exploit. All three browsers can be forced to execute a command or computer program of the attacker's choice just by directing them to a URL that is little more than "http://" and a string of dashes....