Tuesday 05 October 2004

The story behind Bugzilla Bug 259708

Firefox users should note that there is a minor update to Firefox in order to fix a security vulnerability. This security vulnerability allows a malicious user to delete files from a user's download directory and was reported by Alex Vincent.

Apparently, the details of this bug (now Bugzilla Bug 259708) was never made public on Bugzilla due to its severity. However, this is no longer the case and in addition, Alex Vincent offers a detailed account of the story behind the bug.

Well worth reading.

Via Jesse Ruderman