| By Web 2.0 News Desk | Article Rating: |
|
| September 21, 2007 05:45 PM EDT | Reads: |
8,629 |
The Firefox "QuickTime Bug" - has been fixed. QuickTime Media-Link files contain a qtnext attribute that could be used on Windows systems to launch the default browser with arbitrary command-line options and previously when the default browser was Firefox 2.0.0.6 or earlier, use of the -chrome option allowed a remote attacker to run script commands with the full privileges of the user.
The vulnerability had lasted for a year, causing security guru Eric Schultze last week to recommend that FF users with the QuickTime plug-in switched to IE (or not click on movie files) until the Mozilla Foundation could release a patch, as it has now done.
Published September 21, 2007 Reads 8,629
Copyright © 2007 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.
- i-Technology Viewpoint: Firefox Lessons for the Java Community
- Firefox 2.0: Burning the Fire to Outfox IE
- Mozilla Releases Firefox 2
- Adobe Gives Aid and Comfort to Firefox
- IBM Throws A Security Blanket Around Virtualization
- Security in a SOA
- Apple Making No Allowance for Linux, Firefox and the Creative Commons
- Linux Solution Tackles iPhone AJAX Security
- Application Security in AJAX
More Stories By Web 2.0 News Desk
The Web 2.0 Journal News Desk keeps you up to speed with all that's happening in the world of the read/write Web and all its mushrooming new facets - from tagging, wikis, mash-ups, and image-sharing to "Advertising 2.0," podcasting, and The Writeable Web.
- Yahoo! to Keynote 4th Cloud Expo: Accelerating Innovation with Cloud Computing
- Publishing Synergy: Blog, Twitter and Ulitzer
- Confessions of a Ulitzer Addict
- Wave on Ulitzer: Confessions of a Google Wave Fanboy
- Google Wave Hits Wider Beta
- Live Demo of Yahoo! Query Language at Cloud Computing Expo
- Ulitzer Provides a Powerful Social Journalism Platform
- Yahoo! SVP Shelton Shugar to Discuss Innovation at Cloud Computing Expo
- How to Extract Your Contacts from LinkedIn and Facebook
- Yahoo! Announces Open-Source Cloud Server
- Google Open Sources its JavaScript Tools
- And for Its Next Trick, IBM Targets Amazon’s S3, Others
- Yahoo! Named “Platinum Sponsor” of Cloud Computing Expo
- Yahoo! to Keynote 4th Cloud Expo: Accelerating Innovation with Cloud Computing
- Publishing Synergy: Blog, Twitter and Ulitzer
- Confessions of a Ulitzer Addict
- Wave on Ulitzer: Confessions of a Google Wave Fanboy
- Is Ulitzer a New Trend or the Ultimate Death of Journalism?
- Twitter, Linked In, Ning and Ulitzer: Easy Personal Branding Strategy
- Ulitzer Live! New Media Conference & Expo
- Ulitzer vs. Ning
- Social Media on Ulitzer - Strategy Nets New AUM for RIA
- Google Wave Hits Wider Beta
- Live Demo of Yahoo! Query Language at Cloud Computing Expo
- Where Are RIA Technologies Headed in 2008?
- The Top 250 Players in the Cloud Computing Ecosystem
- Google Version 2.0: Googzilla - The Calculating Predator
- Google Space Launches at Heathrow Airport
- SEO/SEM Tips & Tricks: How and When Should You Submit Your Website to Google?
- Google Snaps Up the Father of the Orion Search Engine
- AOL To Enhance Video Search Engine by Adding RSS Feeds
- Ulitzer vs Knol - Google Wants Its Own Wikipedia
- AJAXWorld Knocks Spots Off LinuxWorld
- The World's Youngest "Google Entrepreneur" Is One Month Old
- Microsoft's Chase After Google Reverberates
- Google Jabbers On with GoogleTalk































