DV Hardware bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
October 25, 2016 
Main Menu
News archives

Who's Online
There are currently 126 people online.


Latest Reviews
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller
ZOWIE G-TF Rough mousepad
ROCCAT Isku FX gaming keyboard
Prolimatech Magnetic Pin

Follow us

Prove of concept exploit released for Firefox image bug

Posted on Friday, May 12 2006 @ 15:32:08 CEST by

SANS reports they have received a prove of concept exploit regarding the recently discovered Firefox image bug.
His prove of concept exploit will use javascript to generate image tags with 'mailto:' link, which in turn will open the mail application automatically without any user interaction. As a result, many mail windows (e.g. Outlook) will be opened and the system will become unresponsive.

One possible workaround is to turn off automatic startup of your e-mai application in Firefox. To do so, enter in the URL bar: about:config . This will show a long list of configuration options. Search for 'warn-external.mailto' (e.g. use the 'Filter' option). By default, this value should be set to "false". Click on the line to toggle it to "true" (it will be bold if it is not set to the default).

Now, whenever you click on a mailto: link, you will first be asked if you would like to start your e-mail application. In the case of the exploit this will keep your system responsive, even though you may still have to click on all the dialogs.
SANS says you can temporarily protect yourself by disabling javascript or disabling mailto: link all together.



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2016 DM Media Group bvba