Mozilla updated its Firefox browser to patch a zero-day vulnerability being used to harvest passwords on Windows and Linux machines. The flaw resided in code that "enforces JavaScript context separation."
Are then SeaMonkey & Pale Moon browsers affected as well?
Zero-day vulnerability
-
- Moderator
- Posts: 14404
- Joined: May 3rd, 2007, 7:40 am
- Location: US
Re: Zero-day vulnerability
The vulnerability comes from the interaction of the mechanism that enforces JavaScript context separation (the “same origin policy”) and Firefox’s PDF Viewer. Mozilla products that don’t contain the PDF Viewer, such as Firefox for Android, are not vulnerable.
So, the answer appears to be "no" as far as SeaMonkey is concerned. However, there are a couple of other open vulnerabilities which the upcoming 2.35 version will fix (hopefully coming soon now).
- James
- Moderator
- Posts: 28005
- Joined: June 18th, 2003, 3:07 pm
- Location: Made in Canada