Mozilla warns of Firefox 1.5 flaw
#1
Mozilla warns of Firefox 1.5 flaw
Mozilla has warned users of a bug in its newest browser, Firefox 1.5 that, after visiting sites with long domain names, could make it seem like their computer has crashed.
The flaw, though, doesn't make users vulnerable to attacks, reckons the open source company, despite issuing a security advisory warning on Sunday.
According to Mozilla, the problem could cause a buffer overflow error but will cause no lasting damage to the application. It also ruled out the possibility of denial-of-service attacks.
The problem, which the company says is very easy to fix, causes pages with very long titles to be processed so slowly by Mozilla that the browser seems to hang every time it is started.
To correct the problem, the offending site must be removed from the browser's history file, or the history folder must be cleared.
They had "issued a security advisory on a temporary start-up unresponsiveness caused by web pages in a browser history with extremely long titles", the company said in a statement. "If a user encounters this problem, the slow start can be fixed by clearing the browser history."
The company found there was no danger of a buffer overflow, which would have made computer's using the browser vulnerable to crashing.
"We can find no basis for claims that variants of this denial-of-service attack can cause an exploitable crash," said the company in its advisory. "There does not appear to be any risk to users or their computers beyond the temporary unresponsiveness at startup."
No release date has been set for a fix.
The flaw, though, doesn't make users vulnerable to attacks, reckons the open source company, despite issuing a security advisory warning on Sunday.
According to Mozilla, the problem could cause a buffer overflow error but will cause no lasting damage to the application. It also ruled out the possibility of denial-of-service attacks.
The problem, which the company says is very easy to fix, causes pages with very long titles to be processed so slowly by Mozilla that the browser seems to hang every time it is started.
To correct the problem, the offending site must be removed from the browser's history file, or the history folder must be cleared.
They had "issued a security advisory on a temporary start-up unresponsiveness caused by web pages in a browser history with extremely long titles", the company said in a statement. "If a user encounters this problem, the slow start can be fixed by clearing the browser history."
The company found there was no danger of a buffer overflow, which would have made computer's using the browser vulnerable to crashing.
"We can find no basis for claims that variants of this denial-of-service attack can cause an exploitable crash," said the company in its advisory. "There does not appear to be any risk to users or their computers beyond the temporary unresponsiveness at startup."
No release date has been set for a fix.
Thread
Thread Starter
Forum
Replies
Last Post
GTCz-Roger
Computer / Technology Chat
3
10-03-2012 03:40 AM
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)