> Linux Reviews > News and headlines > 2005 News archive > September >

Firefox owned by most serious flaw ever

Mozilla Firefox versions up to 1.0.6 has the most serious security risk ever: Websites can now run shell commands on your computer. Version 1.0.7 is available, but packages are not yet available for Linux distributions.

The security risk of using Mozilla Fireox versions prior to 1.0.7 is grave. It is possible to execute shell commands like rm -rf ~ remotely. This page demonstrates the command and your whole home directory is now silently being deleted, if you are using Mozilla Firefox, that is. While that was a rather stupid joke, it could easily have been true. The risk is that severe.

We very strongly recommend that all Firefox users upgrade to this latest version or temporarily use another web browser.

Firefox (mozilla.org)

News and headlines

Eyemagnet Limited to sponsor Gnash development
Technical director Steve Castellotti of Eyemagnet has offered the Gnash proejct "a few paid hours of Gnash development time"
Women are irrelevant to the free software community
Barely one percent of all commits to free software projects are done female contributors.
Vietnam to widely use open source software
Minister of Information and Communications Le Doan Hop asked that 100% of servers of IT divisions of government agencies must be installed with open source software by June 30, 2009.
Flash Player 9 Update Release Candidate available
Adobe has released an updated release candidate of their proprietary software flash player. It has some new features such as support for H.264 video, but it really does not matter as the license remains totally unacceptable.
KDE 4.0 Alpha 2 Released
KDE Community are now immensely proud to have put the second Alpha version of what will probably be the worlds most popular desktop environment in a few years.
Mozilla Firefox 1.5.0.12 marks the ned of Firefox v1.5
Firefox 1.5.0.12 is now rolled out and it is the last security update which will be made for Firefox 1.5.x. Linux distributions will probably update their packages with security patches, but there will be no more official 1.5.x releases. Mozilla Corporation attitude is update to 2.x or switch browser.
SpamAssassin 3.2.1 and 3.1.9 released
KDE 3.5.7 Released
ProFTPD: Local privilege escalation
Linux.conf.au videos available
Tor 0.1.2.7-alpha is out
The Electronic Frontier Foundation (EFF) Europe Office Opens in Brussels

Firefox owned by most serious flaw ever

Resources

Wikis

Package Search