Netscape Navigator bug exposed

Unix Plug-in code provides doorway for malicious software

Programmer Dan Brumleve has uncovered his latest Netscape Navigator bug. Mere weeks after discovering two glitches that expose users' cache contents and the list of sites they have visited to unauthorised scrutiny, Brumleve revealed that it's possible to swamp the area of memory the browser sets aside for storing MIME type information, causing the application to bomb. Brumleve reckons that it would then be possible to run code on that machine. The bug appears in the browser's plug-in download mechanism. Fortunately, the bug only affects the Unix release of Navigator. Netscape said it is working on a patch. ® Click for more stories

Sponsored: Today’s most dangerous security threats