Mozilla Firefox 1.5 & Security Bug
Mozilla has issued a security advisory to the users of its newest browser, Firefox 1.5 about this bug, which is related to how the software handles extremely long names. This bug can at worse reportedly crash the targeted computer. However, the organization has claimed that contrary to earlier reports by researchers, the bug does not expose users to attack.
Mozilla said in an online security advisory that Malicious pages with very long titles can make the browser appear to hang. The proof of concept for this security bug released publicly contained 2.5 million characters and should not be bothering web users in the real world. Mozilla claims that while the browser is busy processing the name, user thinks that the application has hung.
Worse, the application behaves sluggishly till the time the item is removed completely from the history of the browser application. Mozilla advisory added: “We can find no basis for claims that variants of this denial-of-service attack can cause an exploitable crash. There does not appear to be any risk to users or their computers beyond the temporary unresponsiveness at startup.”
The organization has not released an exact date for the release of the fix for this issue.
–
Sushubh Mittal, Search Engine Journal Tech Columnist and Resident Opera User – Sushubh, the Editor of TechWhack, is a self described tech freak who loves to test out software and criticize the flaws in them. He is a die-hard Michael Schumacher fan and has been featured on the CBS MarketWatch website and Google’s GMail Press Page.
