|
FireFox Exploit (And others, but not IE this time)
Test it here...
http://www.shmoo.com/idn/ There is a link to the advisory there too. In firefox you can fix it yourself until they issue a new version: Type about:config in your address bar. Scroll down to network.enableIDN and double-click it to set it to false IDN = International Domain Name |
Vulnerable browsers include (but are not limited to):
Most mozilla-based browsers (Firefox 1.0, Camino .8.5, Mozilla 1.6, etc) Safari 1.2.5 Opera 7.54 Omniweb 5 Vendor Responses: Verisign: No response yet. Apple: No response yet. Opera: They believe they have correctly implemented IDN, and will not be making any changes. Mozilla: Working on finding a good long-term solution; provided clear workaround for disabling IDN. Mozilla/Firefox first to offer a fix :thumbsup |
rofl, i thought firefox was immune to this shit?
|
Slashdot cross poster eh?
It's not actually so much that IE isn't vulnerable, it just doesnt support the IDN standard. If you installed the plugin, it will be. On the flip side, it's not so much FF that is vulnerable as the plugin :) |
as firefox is getting more popular more exploits are being found, waiting till nerds will start to write malicious viruses and worms that will go thru firefox
|
Quote:
I don't read the forums much, usually just the headlines. A friend IM'd me with the info a few mins before I started this thread. |
Quote:
|
| All times are GMT -7. The time now is 07:55 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123