Password Manager Bug

Well it looks like the good times train has made a stop in bug city! I have no doubt though that the Mozilla folks will get this one squashed as soon as possible. Till then, it is always good to know the facts.

Today, Mozilla made public bug #360493, which exposes Firefox’s Password Manager on many public sites. The flaw derives from Firefox’s willingness to supply the username and password stored on one page on a domain to another page on a domain. For example, username/password input tags on a Myspace user’s site will be unhelpfully propagated with the visitor’s Myspace.com credentials.

+ Read More About the New Bug in Firefox 2’s Password Manager!

, , , , , ,

Comments are closed.