When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Firefox popup exploit allows file snooping

A vulnerability in Firefox's popup blocker software creates a means to read files from affected systems, security researchers warn. The flaw, coupled with some tricksy coding, establishes a mechanism for hackers to read user-accessible files on vulnerable system, thereby creating a means to swipe sensitive information. Firefox version 1.5.0.9 is known to be exposed to the exploit. Other versions of the popular web surfing package might also be affected.

The vulnerability was discovered by security researcher Michal Zalewski who said the exploit relies in part on the fact that normal URL permission checks, which would stop remote sites from accessing a user's filespace, are bypassed when a user chooses to manually allow a blocked popup.

View: The full story
News source: The Reg

Report a problem with article
Next Article

ITN On makes early use of Windows upgrade

Previous Article

Hackers Sift Gaming, Social Networking Sites for Victims

Join the conversation!

Login or Sign Up to read and post a comment.

3 Comments - Add comment