Mozilla Firefox flaw could lead to data leak

Mozilla is working to fix a browser flaw that could give attackers unauthorized access to data on a victim's machine. The problem is similar to other data leakage flaws found in the open-source browser, according to researcher Gerry Eisenhaur, who first reported the problem on Saturday. Eisenhaur has posted sample code that reads the contents […]

Mozilla is working to fix a browser flaw that could give attackers unauthorized access to data on a victim's machine.

The problem is similar to other data leakage flaws found in the open-source browser, according to researcher Gerry Eisenhaur, who first reported the problem on Saturday.

Eisenhaur has posted sample code that reads the contents of a Mozilla Thunderbird preferences file, but he believes that attackers could get access to more information with variations on his attack. "It's possible to load any JavaScript file on a victim's machine," he wrote in his blog posting. "This looks very interesting and may have bigger potential, but for now, it's just another information disclosure [flaw]."

Full Article

Mozilla, Firefox, Browser, Vulnerability, Flaw, Exploit, Data, Leak