AlbertPacino
Explorer
Buffer overflow vulnerability could cause Netscape to crash, allow access to hackers
A "highly critical" unpatched vulnerability in the Netscape browser could potentially allow hackers to compromise Internet users' systems, according to an advisory from a Danish security firm.
The buffer overflow vulnerability could cause the browser to crash. In addition, hackers could create Web sites to exploit the flaw, executing code of their choice on visitors' computers to gain access to users' systems, security company Secunia warned.
The vulnerability has been confirmed in Netscape Version 7.2 and has been reported in Version 6.2.3, according to the advisory, released late Tuesday. Other versions may also be affected, it said.
Secunia advised Netscape users to switch to another browser until the vulnerability is patched, labelling it "highly critical."
The vulnerability is related to a previously reported flaw in the Mozilla browser, which shares some code with Netscape, Secunia Chief Technology Officer Thomas Kristensen said Wednesday. The Mozilla vulnerability has already been patched, he said.
"It's been a while since Netscape has been patched so there's reason to be concerned," Kristensen said.
It is a severe problem because there is no effective workaround, he added.
Representatives for Netscape, in Mountain View, California, weren't immediately available for comment on Wednesday.
[RANK="www.infoworld.com/article/05/04/27/HNnetscapeflaw_1.html"]Source[/RANK]