Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Firefox

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Mozilla Foundation
And, this specific program:
Mozilla Firefox 3.6.x

This thread has been marked as locked.
Steve H2O Firefox
Member 28th Aug, 2010 17:58
Ranking: 0
Posts: 4
User Since: 16th Dec, 2008
System Score: N/A
Location: N/A
Firefox.
If a program is shown to be insecure, and internet access is blocked using the AVG Firewall and not used . Will this procedure stop the insecurity as a temporary measure ,until the program is updated ?-

Please advise,
Steve.

thedillpickl RE: Firefox
Contributor 28th Aug, 2010 20:18
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
Hi Itacmtwacm1760;

Welcome to the Secunia forum.

I do not believe Firefox, when running, will get around a firewall that has all calls by FF blocked. It will be up to you to test and verify.

If a program is not loaded into memory and started, it can do nothing. It is merely data on a hard drive. Be aware that some programs load 'monitors' and/or preload modules into memory at boot.

I would suggest updating FF.


Regards;

Fred


--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+1
-0
Anthony Wells RE: Firefox
Expert Contributor 28th Aug, 2010 21:06
Score: 2445
Posts: 3,337
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

@Fred ,

The latest version of Firefox is 3.6.8 and it is a Cat 4 with no patch ; comments to the SA suggest 3.6.9 when released will deal with this problem , when it is released :-

http://secunia.com/advisories/41095/

There are maybe 200 other programmes which suffer this type of vulnerability :-

http://secunia.com/community/forum/thread/show/525...

@Steve ,

As Fred says , as you are , Ff would be almost impossible for the bad guys to find in the first place ; in addition , it (the vulnerability) appears to require your active participation in downloading a .dll file .

Take care

Anthony





--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
Steve H2O RE: Firefox
Member 28th Aug, 2010 21:21
Score: 0
Posts: 4
User Since: 16th Dec 2008
System Score: N/A
Location: N/A
Thanks for the advice, I am already using the latest Firefox 3.6.8.
The information regarding Firefox came from Secunia PS I after a scan of my computer. At the moment I am Using the Chome ( Google) which has got a clean
bill of health this week ! !
Regards.
S.
Was this reply relevant?
+0
-0
Anthony Wells RE: Firefox
Expert Contributor 28th Aug, 2010 21:28
Score: 2445
Posts: 3,337
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi Steve ,

I am doing the same thing at the moment ; If I use Ff , I run it in a sandbox (anyway) , but you can never be too sure .

Safe browsing rules still need to be applied to all browsers , none are guaranteed 100% secure .

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
thedillpickl RE: Firefox
Contributor 29th Aug, 2010 01:37
Score: 376
Posts: 872
User Since: 3rd May 2009
System Score: 100%
Location: US
@Anthony, thanks for the heads up on FF. This is the first I've heard of a problem.

@Itacmtwacm1760, PSI has the "Secure Browsing" tab so that you can see problems like this easily and make an informed decision as to which browser to use. If you do not open FF (in this case) you should be fine.

The SA Anthony cites explains that a user can be tricked into an exploit. If you do happen to use FF, this is how Secunia suggests a problem may be avoided:

"Solution
Do not open untrusted files."

Staying away from things unknown is always a good idea, but not much fun!


Fred

--
XP Home
Chrome, Firefox, IE8
--
consilio et animis
Was this reply relevant?
+0
-0
Anthony Wells RE: Firefox
Expert Contributor 29th Aug, 2010 11:23
Score: 2445
Posts: 3,337
User Since: 19th Dec 2007
System Score: N/A
Location: N/A


Hi ,

At the risk of being called a spoilsport :((((

on 29th Aug, 2010 01:37, thedillpickl wrote:


"Solution
Do not open untrusted files."

Staying away from things unknown is always a good idea, but not much fun!

Fred


A major malware infection or losing your ID would be the epitome of not much fun .

Secure browsing does not remove fun entirely ; hopefully , it adds intelligence :))

Take care

Anthony

--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer