Infosecurity - Firefox' reputation takes a battering on the security front

The reputation of Mozilla's popular Firefox web browsing software - now into version 3.5 - took a battering this week as the Secunia security research advisory team revealed a flaw in the way the browser handles Javascript calls.

The problem - explained in some depth on the Milw0rm security exploit portal - means that hackers could compromise a website and then infect visitors to the page who use Firefox.

The cause of the security flaw in Firefox appears to be a buffer overflow when processing font tags that have been customised, Infosecurity understands.

Mozilla has been notified of the security problem and is expected to bring out a patch shortly.

Infosecurity suggests that Firefox users should either disable Javascript on their browsers or - if they want to visit sites with Javascript features using Firefox - install the IE Tab add-in.

The IE Tab add-in - coded by Taiwanese programmer Hong Jen Yee - allows Internet Explorer's rendering engine to be loaded within Firefox and so prevent the native Javascript flaw from causing problems.

The add-in is also useful, Infosecurity notes, for accessing sites using Firefox that normally only work with Internet Explorer.

Comment on this article

You must be registered and logged in to leave a comment about this article.

Share

Related Links

Top 5 Stories

News

Firefox' reputation takes a battering on the security front

The reputation of Mozilla's popular Firefox web browsing software - now into version 3.5 - took a battering this week as the Secunia security research advisory team revealed a flaw in the way the browser handles Javascript calls.

Comment on this article

Members' Login

Not a member?