Opera And Firefox – In Trouble

I have been using Firefox as my primary browser for a long period, and now its place has been taken by Opera, but Firefox remains my second choice, when Opera seems to have problems with various sites. Unfortunately, it seems a flaw has been discovered in both of them, and it looks like this may compromise one's security pretty seriously. Well, I finally got to see this happening... so let's see what is this all about, shall we?


According to Gynvael Coldwind from Vexillium.org, a flaw affecting both Firefox and Opera's way of handling image files may lead to a hijack of one's Web history. The idea is as it follows - a malicious BMP file can be created, and when you load that file, random information from your browser's memory is extracted, and I don't even want to think about someone stealing my passwords!

"The harvested data contains various information including parts of other Web sites, users' favorites and history and other information.", said Coldwind. Once the data has been extracted from memory, it can be send to a remote computer, by using JavaScript.

At last, it should be noted that, while this flaw can lead to Firefox crashes, there's no information about Firefox 3 Beta being affected, but Opera 9.50 seems to be affected...