Tuesday, August 14, 2007

Another Firefox Vulnerability

A vulnerability has been discovered in Firefox that could allow criminals to remotely scan all variables in your Firefox plugins and use an Ajax script to log that information on to a server.

In non techy terms this means that information stored in your plugins, like whitelists, passwords, user names, email addresses, ftp information etc etc could be stolen and seriously compromise your online privacy and security. According to the 0×000000 blog, this isn’t something that can be easily fixed either.

For now, your best form of defence is to run with the NoScript plugin enabled.

Sources | The Register and 0×000000