Firefox 16 Vulnerability Exploit Code Made Public

The latest version of Mozilla Firefox, version 16, has been taken offline because of a security vulnerability discovered by a researcher. According to the security researcher, Firefox 16 has a security vulnerability that allows “a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters.” Mozilla has also confirmed the vulnerability on the Mozilla security blog.

“The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters. At this time we have no indication that this vulnerability is currently being exploited in the wild,” said Michael Coates, Director of Security Assurance, confirming the vulnerability.

The researcher who discovered this serious vulnerability provided a proof of concept demonstrating the findings and described how it works: the victim has to use Firefox 16 to access the attacker’s site. Then, if the user is signed in to Twitter, the attacker opens a new window in the social network from his own site and the target is redirected to a specially crafted URL containing a personal Twitter ID.

Firefox 16 for Android was also affected by this vulnerability and could be harmful, but Mozilla had already released a patched version of the browser for Android devices. Mozilla is also trying to fix the issue before cyber criminals get around to exploiting this vulnerability in bulk.
