Old Mozilla flaw re-opens after 7 years!

Hello dear Mozilla fans,

Security is an ongoing thing, but old ghosts can reappear. ;D
This was the case with the seven year old security flaw in Mozilla: a frame injection vulnerability. Read about this here:
http://software.silicon.com/security/0,39024655,39131016,00.htm
. See rectification by DavidR below, the author of this posting agrees with this comment. Point taken generously.

polonus

Polonus, can you change your title as this is unrelated to firefox.
Edit: Thanks for changing the title Polonus.

http://secunia.com/advisories/15601/

Description: A seven year old vulnerability has been re-introduced in Mozilla and Firefox, which can be exploited by malicious people to spoof the contents of web sites.

For more information:
SA11978

Secunia has constructed a test, which can be used to check if your browser is affected:
http://secunia.com/multiple_browsers_frame_injection_vulnerability_test/

The vulnerability has been confirmed in Firefox 1.0.4 and Mozilla 1.7.8. Other versions may also be affected.

Solution:
Firefox:
Update to version 1.0.5.
http://www.mozilla.org/products/firefox/

Mozilla Suite:
Update to version 1.7.10.
http://www.mozilla.org/products/mozilla1.x/

Since this was patched in firefox 1.0.5 it is hardly new and two it doesn’t relate to a flaw in firefox 1.70, rather a vulnerability in Mozilla 1.70

Also Mozilla Suite is at version 1.7.12 past the suggested update to version in the Secunia advisory, e.g. it is patched.

Hi DavidR,

Well point taken, see the adaptation of the original posting.

greets,

polonus

Always check the date of a article!