Security Advisories Week: 22-29 May 2002


Title: Mozilla vulnerabilities
Date: May 29 2002
Vendor: Conectiva
Vulnerable systems: Conectiva Linux 6.0, 7.0, 8
Full advisory: http://www.net-security.org/advisory.php?id=730
Problem description: GreyMagic Security found a vulnerability in mozilla prior to version 1.0rc1 which allows a hostile site to read and list user files. The vulnerability was related to the XMLHTTP, a component that is primarily used for retrieving XML documents from a web server.

Spotlight

Why vulnerability disclosure shouldn’t be a marketing tool

Brian Honan, CEO at BH Consulting, talks about a recent vulnerability disclosure trend – a trend that he believes may ultimately cause more harm than good: security vendors using vulnerability disclosure as a marketing tool with the goal of enhancing their company’s bottom line.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Jul 1st
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //