Is it a bug if it's tough to exploit?

Subject: General Tech | June 9, 2006 - 12:02 PM |

There is a java exploit recently discovered; reported by CNET.  It is very difficult to exploit, in order to get at your files, a malicious webpage has to trick you into typing in the full path of the file it wants to try to upload.  On the other hand, this flaw affects Firefox, Mozilla SeaMonkey, Mozilla Suite, Netscape and Microsoft Internet Explorer, so it could be a problem for anyone.

"Internet Explorer and Firefox, as well as other Mozilla browsers, are flawed in the way they handle

JavaScript, security experts warned this week. An attacker could use the problem to launch

surreptitious file uploads, jeopardizing people's personal data, they said.

But exploiting the flaw requires so much user interaction that Microsoft and Mozilla don't think it

poses much of a danger. The companies do not see a need to rush out a fix. Instead, both plan to

address the bug in upcoming releases of their browsers, representatives said, but did not specify

which update or when it might arrive."

Here is some more Tech News from around the web:

Tech Talk

No comments posted yet.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Lines and paragraphs break automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote><p><br>
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

This question is for testing whether you are a human visitor and to prevent automated spam submissions.