Mozilla Privacy Bug
Saturday September 14th, 2002
Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the
The bug was filed in Bugzilla as bug 145579 on Sunday 19th May, with the more serious
UPDATE! Bug 145579 has now been made public.
ANOTHER UPDATE! A fix has been checked in to the trunk. A patch for the 1.0 branch will follow shortly.
YET ANOTHER UPDATE! A patch has now been checked in to the 1.0 branch.
#51 Re: its already fixed
Tuesday September 17th, 2002 6:53 PM
You are replying to this message
That's funny. NS7, Galeon, KMeleon, etc... still seem to suffer from this. In fact, anything based on 1.0 has 25+ exploits. Have the security geniuses at mozilla.org installed your new update system that instantly delivers patches to the trunk to all of the mozilla users systems? As well as the products based on gecko?
What puzzles me is why were any of these exploits found to begin with when for years you and others have been touting how secure Mozilla is? 25 discovered internally between 1.0 and 1.01 alone? That's only a few months time!!!
"Designed bottom up with security as top priority" was the big rant for quite a while. Reality is biting you in the ass and this is just the tip of the iceberg if Mozilla's usage share increases enough for any of the evil doers to give a flying rip about it.