Mozilla firefox still need to be patched after Firefox 2.0.0.12 released. A hacker named Ronald van den Heetkamp will be famous around the web because he said to firefox development team about Mozilla Firefox 2.0.0.12 security issues and this news still hot on the web now.

“Don’t patch vulnerabilities for fifty percent, take the time and fix the cause. Because directory traversal through plugins is all nice and such, we don’t need it. We can trick Firefox itself in traversing directories back. I found another information leak that is very serious because we are able to read out all preferences set in Firefox, or just open or include about every file stored in the Mozilla program files directory, and this without any mandatory settings or plugins.” said Ronald van den Heetkamp.

He recommended to install NoScript add-on for now until Firefox development team release patch for this new version.

Do you want to get daily computer tips and web 2.0 info? subscribe Zepy full RSS feed

Monday, February 11th, 2008 at 7:48 pm | by Neezar |