Mozilla/Firefox Vulnerability Discovered and Patched
There’s a new vulnerability in Mozilla / Firefox that allows arbitrary code execution, as reported in Slashdot.
You can patch Firefox by installing this extension. But if you’re like me and like to have the minimal number of extensions installed, you can do this:
- Open the Javscript Console
- Copy the following line-by-line into the textbox (hitting enter after each line):
You should see false being evaluated after running the last line.
Note: This only works for the current profile. If you have more than one profile, you should probably install the extension. And you shouldn’t need to restart the browser, the preference should be written to your prefs.js file when firefox quits (unless, of course, it crashes before that)
Related posts:
- If you’re not using Mozilla/Firefox What are you, nuts? I should ask, who are you? I don’t get it, with GAPING security problems such...
- FoXRI - Firefox extension for XRI (I-name and I-number) I’ve developed a Firefox extension that allows the use of XRI’s in the browser. You can install it over at...
- FoXRI Updated for Firefox 3 Prompted by Emanuel in a comment to my post on i-names, I’ve finally tended to the long-overdue item in my...
- FoXRI updated for Firefox 2.0 Just a quick mention that I’ve updated FoXRI to be compatible to Firefox 2.0. I haven’t had time to implement...
- Proposal: IDNA Browsers Advertising Capability in User-Agent header This is a proposal to the major browser producers supporting IDNA to advertise their IDN capabilities. One way of doing...
Related posts brought to you by Yet Another Related Posts Plugin.