[ΑΣΦΑΛΕΙΑ] Πρόβλημα με τον Firefox 1,5.0.2
Posted: Fri Apr 28, 2006 4:07 pm
Πηγή: http://www.pcmag.com
Security Watch: Vulnerabilities Everywhere and Secret Patches
A bug in Firefox 1,5.0.2, the current patched-up version, allows remote code execution, but only through some user cooperation. The Firefox development team is working on a patch.
The problem happens when non-image content is presented in an IMG tag. It will appear to the user as a broken image link. If the user right-clicks and chooses the View Image option, the file will be downloaded and, if the type is in the Firefox bypass list, executed.