[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing

Subject: Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing
From: Peter Besenbruch <prb@xxxxxxxx>
Date: Sat, 31 Jul 2004 07:59:44 -1000

Stephen Samuel wrote:

> Has this been posted to bugilla????
>
>
> E.Kellinis wrote:
>
>> #########################################
>> Application:    Mozilla Firefox
>> Vendors:        http://www.mozilla.com
>> Version:         0.9.1 / 0.9.2
>> Platforms:       Windows
>> Bug:               Certificate Spoofing (Phishing)
>> Risk:              High
>> Exploitation:   Remote with browser
>> Date:             25 July 2004
>> Author:          Emmanouel Kellinis
>> e-mail:           me@cipher(dot)org(dot)uk
>> web:              http://www.cipher.org.uk
>> List :              BugTraq(SecurityFocus)/ Full-Disclosure
>> #########################################

This was fixed by the July 27 builds in both Firefox 0.9.2( or 1) and Mozilla 1.7. The Mozilla 1.4 branch was also updated.

Bugzilla report:
http://bugzilla.mozilla.org/show_bug.cgi?id=253121

________________________________________________________________

Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing
  - From: evilninja

Prev by Date: Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing
Next by Date: Re: [Full-Disclosure] Automated SSH login attempts?
Previous by thread: Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing
Next by thread: Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing
Index(es):
- Date
- Thread