internetnews.com: Firefox Password Flaw Still Open?
Mar 12, 2007, 13:30 (1 Talkback[s])
(Other stories by Sean Michael Kerner)
"Is a flaw in the Firefox browser fixed or not? A security
research claims that it's not. Mozilla says it is.
"Last November security researcher Robert Chapin discovered a
zero day flaw in Mozilla Firefox's password manager. The flaw could
potentially allow a maliciously crafted page to auto-fill a form
with credentials intended for another site.
"Mozilla claimed that it fixed the flaw in its most recent
Firefox 18.104.22.168 update. Chapin doesn't quite agree..."