Sites can slurp browser history right out of Firefox 16

Posted by vagabondo on Oct 11, 2012 7:58 PM EDT
The Register; By Anna Leach
Mail this story
Print this story

A hole in Firefox 16 makes it possible for a malicious site to access a user's browsing history, Mozilla security chief Michael Coates revealed in a blog yesterday. Mozilla 16 was released on Tuesday but pulled a day later because of the vulnerability which would allow a hacker to suck out URLs from the browser history of a visitor of a malicious page.

A hole in Firefox 16 makes it possible for a malicious site to access a user's browsing history, Mozilla security chief Michael Coates revealed in a blog yesterday.

Coates promised a patch today for the vulnerability in the latest version of the browser.

Mozilla 16 was released on Tuesday but pulled a day later because of the vulnerability which would allow a hacker to suck out URLs from the browser history of a visitor of a malicious page.

There was no indication that the weakness was being exploited in the wild said Coates. Users on Firefox 15 are unaffected.

Mozilla-users who don't want to wait for the patch today can downgrade to Firefox 15.0.1 until the clean version of 16 is ready. ®

Full Story

  Nav
» Read more about: Story Type: News Story; Groups: Mozilla

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
Can it actually access browser history? BernardSwiss 5 2,218 Oct 12, 2012 3:07 PM

You cannot post until you login.