Is it a bug if it's tough to exploit?
Subject: General Tech | June 9, 2006 - 12:02 PM | Jeremy Hellstrom
There is a java exploit recently discovered; reported by CNET. It is very difficult to exploit, in order to get at your files, a malicious webpage has to trick you into typing in the full path of the file it wants to try to upload. On the other hand, this flaw affects Firefox, Mozilla SeaMonkey, Mozilla Suite, Netscape and Microsoft Internet Explorer, so it could be a problem for anyone.
"Internet Explorer and Firefox, as well as other Mozilla browsers, are flawed in the way they handle
surreptitious file uploads, jeopardizing people's personal data, they said.
But exploiting the flaw requires so much user interaction that Microsoft and Mozilla don't think it
poses much of a danger. The companies do not see a need to rush out a fix. Instead, both plan to
address the bug in upcoming releases of their browsers, representatives said, but did not specify
which update or when it might arrive."
Here is some more Tech News from around the web:
to Replace Batteries? @ Slashdot
- Browse the
Web in Three Dimensions @ ExtremeTech
- Vista to go, so 12 more
Microsoft patches come @ The Inquirer
- Vista Beta 2 explored @ The
- The Bitter Crumpet, Issue 3
- Canon CanoScan 8400F Flatbed Scanner: One Level Up @ X-bit Labs