Flatiron Posted September 9, 2005 Report Share Posted September 9, 2005 (edited) WorldStart Message Boards - highly critical Firefox vulnerabilityhttp://forum.worldstart.com/showthread.php?t=73077Highly critical Firefox vulnerabilitySecunia - Advisories - Firefox URL Domain Name Buffer Overflowhttp://secunia.com/advisories/16764/Instead of the Securia workaround of not browsing untrusted sites,you could just disable IDN entirely by typing about:config intothe location bar and press enter, type IDN into the filter,find this line:network.enableIDNright click the line and select toggle (to false), close and reopen Firefox.-----------------------------------This tests whether you're vulnerable or not (don't click it if you haven't disabled IDN!):http://www.security-protocols.com/firefox-death.htmlIf it loads a blank page, you're safe. If it crashes Firefox (Mozilla or Netscape), you're not safe.------------------------------------------------More info hereHighly Critical Vulnerability Reported by Secunia - MozillaZine Forums Edited September 9, 2005 by flatiron__2 Quote Link to post Share on other sites
robroy Posted September 9, 2005 Report Share Posted September 9, 2005 Thanks flatiron, I got a blank page Quote Link to post Share on other sites
rv56 Posted September 10, 2005 Report Share Posted September 10, 2005 I did the download patch method posted in Software Updates posted by chachazz and it works. I got the blank page... It shows up(no IDN) in Help and About Mozilla Firefox after the patch is downloaded and a Firefox restart.Thanks for the warning and heads up thread flatiron, very much appreciated.. Quote Link to post Share on other sites
Chachazz Posted September 11, 2005 Report Share Posted September 11, 2005 Please go to the following link; Patch Released!http://www.besttechie.net/forums/index.php?showtopic=4790 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.