From: Alper Oguz (alper@aden.biz)
Date: Sun 11 Jul 2004 - 23:43:44 EEST
Sadece WinXP'yi etkiliyormus..
---------------------------------------
Security hole found in Mozilla browser
Last modified: July 8, 2004, 9:40 PM PDT
update Developers at the open-source Mozilla Foundation have confirmed
that the latest version of their Web browsers have a security flaw that
could allow attackers to run existing programs on the Windows XP
operating system.
The flaw, known as the "shell" exploit, was publicized Wednesday on a
security mailing list, along with a link to a fix for the problem.
Updated versions of the affected software programs, which include the
Mozilla, Firefox and Thunderbird browsers, have been released.
Developers said the flaw affects only Windows users, not computers
running the Macintosh and Linux operating systems. Like recent Internet
Explorer vulnerabilities, this flaw only allows the attacker the ability
to run an existing program and requires that security problems in other
applications be exploited to gain further access.
The flaw can be used to pass a file extension to the operating system.
Windows XP will then run the helper application corresponding to that
file extension. The main threat comes from the ability of an attacker to
pass parameters to exploit vulnerabilities in a specific helper
application, which could give an outsider access to the system. A shell
problem could also cause the computer to freeze.
...
http://news.com.com/Security+hole+found+in+Mozilla+browser/2100-1002_3-5262
676.html?tag=nefd.top
-- Alper Oguz <alper@aden.biz>-- Attached file included as plaintext by Ecartis -- -- File: signature.asc -- Desc: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQBA8aaAcoywlvl+Wt4RAimIAJ9IbqL2KG0P+d1qcCSLhRHvvQ2gXwCeOPqF 77a/UI0UWMH6CCSN4W22eAo =pDte -----END PGP SIGNATURE-----