This vulnerability affects also Portable Firefox?
Mozilla Firefox "FirefoxURL" URI Handler Registration Code Execution Vulnerability
http://www.frsirt.com/english/advisories/2007/2473
New: HomeBank (Sep 03, 2023), Platform 26.2.1 (Sep 17, 2023)
450+ real apps (49GB), 1.1 billion downloads, Please donate.
Jack Haller, Advisor and Father of Our Founder, Has Passed Away
This vulnerability affects also Portable Firefox?
Mozilla Firefox "FirefoxURL" URI Handler Registration Code Execution Vulnerability
http://www.frsirt.com/english/advisories/2007/2473
Firefox Portable is Firefox, so it is vulnerable to the same bugs. An upcoming release fixes this.
John,
I was asking the same question last night.
I would think that Firefox Portable would not be vulnerable as there would need to be something written to the registry to cause the vulnerability.
"This issue is caused by a design error within the "FirefoxURL://" URI handler which is _registered_ by the application during the _installation_ process"
Since FFP is not registered or installed in the "normal" way could we not be vulnerable?
Am I wrong in my understanding of this, or am I missing something?
It would be good to know for sure.
Is there something we can do to secure ourselves?
Timothy Clark
(\__/)(='.'=)(}>
I think you're right, Tim, since that URI is handled by the installer. Actually, yeah, you are right.
I think there may be one other issue being addressed in 2.0.0.5, though, so expect the FFP release same day as the FF release.