Menu
Opera, Firefox bug could reveal users' web history

Opera, Firefox bug could reveal users' web history

A flaw in the way the Firefox and Opera browsers handle an image file could allow an attacker to see what web sites a person has visited.

The problem concerns how the two browsers handle a ".BMP," or bitmap, image file, according to an advisory written by Gynvael Coldwind of Vexillium.org, who posted a video illustrating the problem.

A malicious bitmap file can be created that pulls other information from the browsers' memory. Some of the information that can be captured is random, but at other times could be valuable, the advisory said.

"The harvested data contains various information including parts of other Web sites, users' favorites and history and other information," Vexillium.org said.

Using the "canvas" HTML (Hypertext Markup Language) tag supported by the browsers, an attacker can capture the data. Then, using JavaScript, the information can be sent to a remote server.

The flaw could also crash Firefox. The vulnerability affects Firefox 2.0.0.11 and previous versions of that browser as well as the beta version of Opera 9.50.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags operaFirefox

Featured

Slideshows

A snapshot of the Kiwi partners set to shine at the Reseller News Awards

A snapshot of the Kiwi partners set to shine at the Reseller News Awards

With the 2017 Reseller News ICT Industry Awards only weeks away, Reseller News profiles the power line-up of partners set to dominate the biggest night on the channel calendar. ​Ranging from the enterprise, down through the mid-market and small business sectors into the heart of the start-up scene, the end result is the most diverse and wide-ranging partner line-up in the history of the Awards, playing host to the leading innovators of the past 12 months.​

A snapshot of the Kiwi partners set to shine at the Reseller News Awards
Show Comments