It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Firefox add-on Greasemonkey slips up Firefox add-on Greasemonkey slips up
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read


Firefox add-on Greasemonkey slips up
Reply
 
Thread Tools
Old 21st July 2005, 00:15   #1
[M] Reviewer
 
Sidney's Avatar
 
Join Date: Mar 2004
Posts: 15,739
Sidney Freshly Registered
Default Firefox add-on Greasemonkey slips up

The Mozilla Foundation is making available an update for a critical security flaw in Greasemonkey, an extension to the Firefox browser.

Greasemonkey is a popular add-on used to customize the design and behavior of Web pages. The flaw could let attackers read any file on a user's local hard drive and list the contents of local directories. The update, Greasemonkey 0.3.5, was released Monday, according to the download page on the Mozilla Foundation's Web site. The Mozilla Foundation coordinates Firefox development and marketing.

The flaw affects versions of Greasemonkey prior to 0.3.5, including early 0.4 alphas, according to a posting on Mozdev.org, a site where developers post applications and add-ons.

People who switch to version 0.3.5, however, will find it lacks the so-called GM* APIs, which are designed to make Greasemonkey more powerful than HTML, according to Greaseblog, a blog devoted to the extension. As a result, scripts that rely on these APIs will fail with the 0.3.5 version. "Greasemonkey 0.3.5 is a 'neutered' version of Greasemonkey," said a developer in a post to the blog.

Still, according to the same post, people should only use 0.3.5 at this point.

Previous Next "I strongly recommend that everyone either install Greasemonkey 0.3.5, or else disable or uninstall Greasemonkey completely," wrote the developer, who is currently working on a fix.

No reports of the flaw being exploited have surfaced, according to his post.

Several security flaws have been discovered in Firefox recently, and the Mozilla Foundation released a security update for the browser earlier this month.

Additionally, a promotional site for the Firefox browser was hacked last week. The attack on SpreadFirefox.com was an embarrassment to the Mozilla Foundation, which uses security as a main selling point for the browser.

http://news.com.com/Firefox+add-on+G...l?tag=nefd.top
__________________
lazyman

Opteron 165 (2) @2.85 1.42 vcore AMD Stock HSF + Chill Vent II
Sidney is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Mozilla Firefox 3.6 RC1 released: Faster than Google Chrome jmke WebNews 0 12th January 2010 17:17
Firefox To Replace Menus With Office Ribbon...Or Will They? jmke WebNews 0 24th September 2009 14:19
Next Firefox 3.1 Beta Date Announced jmke WebNews 0 5th August 2008 22:25
Firefox 3 Alpha 2 Preview jmke WebNews 0 9th February 2007 18:03
Firefox 2.0 Tweak Guide jmke WebNews 1 25th October 2006 10:59
IBM helps Firefox reach disabled Sidney WebNews 0 15th August 2005 23:34
Firefox downloaded 75 million times jmke WebNews 1 1st August 2005 15:13
Full Firefox Tweak Guide Sidney WebNews 0 2nd May 2005 16:40
Mozilla and Firefox flaws exposed jmke WebNews 0 7th January 2005 14:12

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 06:47.


Powered by vBulletin® - Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO