Tag: security

“On September 6 a security vulnerability affecting all versions of Mozilla Firefox and the Mozilla Suite was reported to Mozilla by Tom Ferris and on September 8th was publicly disclosed.

On September 9, the Mozilla team released a configuration change which, as a temporary measure to work around this problem, disables IDN in the browser. IDN functionality will be restored in a future product update. The fix is either a manual configuration change or a small download which will make this configuration change for the user. Instructions on administering these changes can be found below. ”

Mozilla via /.
some links added

I see I’ve already disabled IDN during the previous incident involving it, and left it disabled.

“A buffer overflow vulnerability exists within Firefox version 1.0.6 and all other prior versions which allows for an attacker to remotely execute arbitrary code on a affected host. […] The following HTML code below will reproduce this issue:

<A HREF=https:--------------------------------------------- >

Simple, huh? ;-]”

Security-Protocols via News.com