Yet another security issue
You are here:  SillyDog701 > Message Centre > Firefox, SeaMonkey and Netscape > [sdt=7670]
SillyDog701 Forums
Author Message
James
diamond member


Joined: 12 Jul 2002
Posts: 1536
29 Nov, 2004 9:29 pm Yet another security issue [sdp=48395]  
http://www.internetnews.com/security/article.php/3440971

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041107 Firefox/1.0
James
It's later than you think.

Firefox 3.0.3, IE 7
Back to top profile
Fulvio
Moderator


Joined: 19 Jun 2002
Posts: 10689
29 Nov, 2004 10:09 pm [sdp=48399]  
As long as there is software, there will be vulnerabilities.
It is dated today, but there may be patching problems since the guy who found the vulnerability went public after having reported it.
Apparently all browsers are affected.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 Netscape/7.2 (ax)
"I've got a very poor sense of direction. I keep forgetting which way is forwards."
WinXP, SP2, FF2.0.0.18, FF3.0.4 portable, Flock2.0.2, TB2.0.0.18, IE7.0, Opera9.52, SM1.1.13, Sygate5.6; AVG8.01, JRE1.6_07
Back to top profile
J-M
diamond member


Joined: 25 Jul 2004
Posts: 747
Location: Helsinki, Finland
30 Nov, 2004 1:51 pm [sdp=48442]  
Fulvio wrote:
It is dated today, but there may be patching problems since the guy who found the vulnerability went public after having reported it.

It's very irresponsible to report to security mailing list before contacting the vendor, I think that is as objectionable with "good" mailing lists and so-called underground lists.
Always registration to mozilla.org's Bugzilla site is not necessary. It is recommended, but if you want to stay anonymous or are not 100 % sure if selection 'Check this box if this is a security problem that needs to be kept confidential' is necessary, maybe it's better to use reporting mail address;
security @ mozilla.org. More information about this is available here http://www.mozilla.org/projects/security/security-bugs-policy.html .

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.5) Gecko/20041108 Firefox/1.0
Back to top profile website
Fulvio
Moderator


Joined: 19 Jun 2002
Posts: 10689
30 Nov, 2004 2:29 pm [sdp=48444]  
The way I read the article, I can see two possible happenings. One that the guy reported to Microsoft, but did not to the mozilla community. And, that only after the press conference someone report to bugzilla.
The way the article is written, I can't tell what happened.
I have to make a couple comments about Bugzilla. It may have changed, but it is a pain to report anything. Secondly, some people have this feeling that reporting is the same as expecting immediate results.
I have been in beta testings, and so many people are indignant because they got no reply nor action within 48 hrs or less.

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20041122 Firefox/0.5.6+
"I've got a very poor sense of direction. I keep forgetting which way is forwards."
WinXP, SP2, FF2.0.0.18, FF3.0.4 portable, Flock2.0.2, TB2.0.0.18, IE7.0, Opera9.52, SM1.1.13, Sygate5.6; AVG8.01, JRE1.6_07
Back to top profile
J-M
diamond member


Joined: 25 Jul 2004
Posts: 747
Location: Helsinki, Finland
01 Dec, 2004 1:24 pm [sdp=48531]  
Fulvio wrote:
The way I read the article, I can see two possible happenings. One that the guy reported to Microsoft, but did not to the mozilla community.

A reporter writes:

Quote:
"I'd have loved to CC mozilla about this, but I didn't have the time"

[continues]

It is possible that this person didn't want to contact mozilla.org, by sending a mail (''CC") or filling a bug report, at all. This is very sad. Maybe a new tendency, anti-Mozilla people is founded, however?
Question Maybe a quite new word, Google shows 586 hits. (136 of these are most relevant results).

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fi-FI; rv:1.7.5) Gecko/20041108 Firefox/1.0
Back to top profile website
Display posts from previous:   
Reply to topic    Forum Index > Firefox, SeaMonkey and Netscape All times are CST (GMT -6)
page 1 of 1
To add your questions, comments, and for more features and more, please join SillyDog701 Message Centre. It's free! This is SillyDog 701 Message Centre (SD701 Forums).
shovel head motor - shop online for harley davidson parts & accessories at surdyke.com.
Buy Text Links - buy and/or sell text link ads.
Conference Bags

iTunes Gift Certificates iTunes .Mac

*Search | FAQ | Rules and Policies | MozInfo701 - Mozilla Information Centre | SD701 Open Directory | Message Board Map | download Netscape