From: "Glenn Meadows" 

Hey, move over, you found my hiding place...except I do that on the
weekends with the wife....

--
Glenn M.


"Chris"  wrote in message
news:41e2cefa$1{at}w3.nls.net...
> I never said Firefox was perfect.  Just highlighting the huge insecurity
> of IE.  =)   And, for the Internet Explorer Command Execution
> Vulnerability, Firefox IS immune to that one. :)
>
> Anyhow, I consider firefox to be a better, more secure browser overall,
> but nothing is totally secure, except staying home in bed hiding under
> the covers from the sunshine. ;)
>
> /Chris
>
>
> Glenn Meadows wrote:
> > Firefox has it's own issues that are coming to light, it's not a smooth
> > piece of cake either...see below:
> >
> > http://www.theregister.co.uk/2005/01/07/mozilla_flaws/
> >
> > Mozilla and Firefox flaws exposed
> > By John Leyden
> > Published Friday 7th January 2005 12:14 GMT
> > Mozilla and Firefox users were warned of a number of potentially
troublesome
> > security vulnerabilities this week.
> >
> > The most serious flaw involves a buffer overflow bug in the way Mozilla
> > processes the NNTP (news) protocol. The bug creates a means for hackers
> > inject hostile code into vulnerable systems, providing they trick users
into
> > executing maliciously constructed news server links. All versions of
Mozilla
> > prior to 1.7.5 are affected. Firefox users are advised to make sure they
are
> > running version 1.0 to minimise any risk. The flaw was discovered by
Maurycy
> > Prodeus of Polish firm iSEC Security Research.
> >
> > Next up, Secunia has discovered a flaw that creates a means to spoof the
> > source displayed in the Firefox's download dialog box. The vulnerability
has
> > been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows,
and
> > Mozilla Firefox 1.0. Other versions may also be affected, Secunia warns.
It
> > advises Firefox users to avoid download links from untrusted sources
pending
> > the availability of patches from the Mozilla project.
> >
> > Finally, there's a less serious problem affecting Firefox and its email
> > client Thunderbird. Security researchers have found that temporary files
are
> > stored by the popular packages in a format that makes it possible for
snoops
> > to read the content of downloads and attachments of other users on the
same
> > machine.
> >
> > An overview of these flaws and suggested workarounds can be found here.
R
> >
> > ---------------------------------
> >
> > The best remedy is not surf the net.....LOL....
> >

--- BBBS/NT v4.01 Flag-5