It’s been a while since Firefox has been in the news, but this is a fairly high profile case involving the Nobel Peace Prize website. It seems there is a race condition vulnerability in the latest versions of Firefox (including 3.6.11) that allows remote exploitation. In this case it was used via an iFrame on […]
There’s been a number of bounty programs in the past year or so with Mozilla being one of the forerunners with their Mozilla Security Bug Bounty Program. There are others like Google offering rewards for bugs in Chrome, and other specific high profile bounties like when Microsoft Offered $250K Bounty for Conficker Author. Mozilla on […]
Tags: bug bounty, exploit, firefox, firefox bug bounty, firefox exploit, firefox exploit bounty, firefox-vulnerability, mozilla, mozilla bounty, mozilla bug bounty, mozilla firefox, mozilla security bug bounty, security bug, security bug bounty, vulnerability
Posted in: Exploits/Vulnerabilities, Programming, Web Hacking | Add a Comment
Seems like Pwn2Own is getting a reputation for uncovering some pretty nasty browser based vulnerabilities, once again this year Firefox, Safari and IE8 were all broken wide open. The latest development is Mozilla has beaten both Microsoft and Apple to the punch and released Firefox 3.6.3 patching the vulnerability. Again it was a critical vulnerability […]
Tags: aslr, data execution prevention, dep, firefox, firefox 3.6.3, firefox exploit, firefox patch, firefox-vulnerability, hacking ie8, hacking safari, hacking-contest, hacking-firefox, ie8 exploit, ie8 security, nils, peter vreugdenhil, pwn2own, safari vulnerability, safari-exploit, safari-security, tipping point, tippingpoint
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment
Ah a bug in our beloved Firefox, after the latest 3.5 update (which sees some definite improvements). The last one I recall was the Clickjacking Vulnerability, which also effected Chrome. It seems like it’s not too serious of an issue and will only cause crashing, there’s no room for remote exploitation or code execution. So […]
Just remember that even though Firefox tends to be more secure than Internet Exploder – it’s not immune from vulnerabilities (although they do tend to get fixed much much faster). The latest one that’s cropped up in both Firefox and Chrome is a clickjacking vulnerability. This is basically where a link is replaced by an […]
Tags: chrome, chrome clickjacking, click jacking, firefox, firefox clickjacking, firefox exploit, firefox-vulnerability, google chrome, google chrome clickjacking, google chrome exploit, google chrome vulnerability, hacking google chrome, hacking-firefox
Posted in: Exploits/Vulnerabilities, Web Hacking | Add a Comment
It seems a data leakage bug has struck Firefox recently and has been confirmed by Window Snyder the security bod at Mozilla. It’s basically a Chrome directory traversal bug (It seems a lot of the Firefox issues have had to do with chrome?). It’s rated as low risk, but it can give away the existence […]
