internetnews.com: Mozilla Fixes Firefox Flaws, Misses One
Dec 20, 2006, 15:15 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
"Mozilla today updated Firefox 2.0 for the first time, but the
upgrade lacks at least one fix for a well known and already
disclosed flaw in the open source browsers.
"In late November, a Password Manager flaw was reported in
Firefox, leaving users at risk for having their log-in information
misappropriated by malicious sites.
"The flaw allows a maliciously crafted page to auto-fill a form
with credentials intended for another site..."