Jump to content
xisto Community
Rik?

Status Bar Spoofing In Firefox

Recommended Posts

Hi :blink:

Now that Firefox get's more popular each day people find more 'bugs' :angry:

The next vulnerability was reported yesterday on SecurityTracker.com:

A spoofing vulnerability was reported in Firefox. A remote user can create HTML that, in certain cases, will spoof the status bar.
A remote user can create HTML with an A HREF link in a table, where the table is embedded within an A HREF tag. If the target user selects to save the spoofed link using the "Save Link As" feature, arbitrary content will be saved to the target user's system.

http://securitytracker.com/id?1013423

I wonder when mozilla will release v1.0.2

Greetz,
RikŠ

Share this post


Link to post
Share on other sites

Yes! As I devout Interent Expolrer user, (Well, I used FireFox for 4 weeks), I'm happy that another secutiry flaw is found in FireFox. EVeryone that uses firefox has a false sense of secuirty that Fireox is 100% fail safe and that Internet Explorere sucks. What's really casuing the problem is not IE's coding, but rather the popularity of it. Whatever is the most popular, hackers wil target that, as firefox gets more popular, it will get more and more flaws.

Share this post


Link to post
Share on other sites

I totally agree with whyme and also the spirit behind Rik's post, when he says that 'Now that Firefox get's more popular each day people find more bugs'.The main disadvantage of IE is that it is popular and people will try to bring it down. Now that Firefox is catching up, they won't even spare it.However, being open source, it is more open for such attacks, and on the contrary also more likely that such bugs will be fixed very soon...

Share this post


Link to post
Share on other sites

Yeah thanks for this thread.actually as many users will help them locate errors and bugs that browser will improve much with its user experience.and best of all the browser is free and works on various os's.anyway if you more security tracking sites pls post them here.

Share this post


Link to post
Share on other sites

Lets face it the only way to totaly protect you computer is take out our modem, cd drive, floppy drive, and usb ports. IE Or Firefox Can And Will Be Attacked.And also while we are one the issue of false security apple computers are not safer than windows. It is that there are not that many mac users ( however there numbers are growing) out there so they have less people creating viruses for them. When the number of users grow the more attacks you will have.ThanksEric DrinkardAslo just for the records. I own a windows and a mac computer

Share this post


Link to post
Share on other sites

Well, at least using firefox means that one is safe from the massive ammount of exploits that already exist for IE. Since this is a open-source project, chances are that fixes will be released faster than what MS can do.

Share this post


Link to post
Share on other sites

Lets face it the only way to totaly protect you computer is take out our modem, cd drive, floppy drive, and usb ports. IE Or Firefox Can And Will Be Attacked.And also while we are one the issue of false security apple computers are not safer than windows. It is that there are not that many mac users ( however there numbers are growing) out there so they have less people creating viruses for them. When the number of users grow the more attacks you will have.ThanksEric DrinkardAslo just for the records. I own a windows and a mac computer

Notice from NilsC:
You just got yourself deleted and banned

Share this post


Link to post
Share on other sites

I would just like to add to this that ric said "I wonder when mozilla will release v1.0.2", but I have Firefox v1.0.2... Screenshot of my about page is here. It is possible that his post (Mar 15 2005, 11:46 AM) was before Firefox 1.0.2 came out, but I don't think so because I thought I've had Firefox for over a month. Well anyways I support Firefox, but I agree that if it became as widely used as Internet Explorer, it would probably have just as many bug exploits. However, I believe the bugs would be fixed faster due to Firefox's open source'ness. :)

Share this post


Link to post
Share on other sites

No, I'm pretty sure that Internet Explorer is inherently inferior to Firefox :) No browser is perfect with regard to security, but Firefox comes much closer than IE. They release their source code, allowing the general public to comb it for vulnerabilities. Thanks to the devout Firefox community, these vulnerabilites are promptly reported and fixed.What does Microsoft do to protect IE from vulnerabilities? They withhold their code. IE has no active community. Microsoft finds out about IE's vulnerabilities when hackers exploit them on a large scale. And they wait entirely too long to issue patches to fix their broken software.IE allows third parties to install software on your computer without your permission, using activeX, unless they bothered to fix that gaping hole in security since I last checked. This thread is no victory for IE. It is merely a reminder of how trivial the flaws in Firefox are in comparison with the manifold susceptibilities of Internet Explorer.

Share this post


Link to post
Share on other sites

I would just like to add to this that ric said "I wonder when mozilla will release v1.0.2", but I have Firefox v1.0.2...  Screenshot of my about page is here.  It is possible that his post (Mar 15 2005, 11:46 AM) was before Firefox 1.0.2 came out, but I don't think so because I thought I've had Firefox for over a month.  Well anyways I support Firefox, but I agree that if it became as widely used as Internet Explorer, it would probably have just as many bug exploits.  However, I believe the bugs would be fixed faster due to Firefox's open source'ness. :)

71135[/snapback]

The security update was March 23, 2005

The exploit was reported Sun, 13 Mar 2005 15:56:35 +0000

(announcement 14 Mar @ securitytracker.com -> http://securitytracker.com/id/1013423)

 

Most open-source software has lesser flaws than commercial.

Because it's open source the creators/coders spent more time coding.... they want to make a clean script ... because everyone can see their skills.

 

Greetz,

Rik©

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.