How to Check for Outdated Plugins in Firefox

By Shamly, on July 23rd, 2010

Mozilla started the plugin check program to help users keep their plugins up to date on Firefox. Outdated plugins are a major source of security and stability risk for web users.

Click Here to Read the Full Post →


One comment   Techno   , , , ,  

Firefox 3.6.7 fixes critical issues in 3.6.6

By Shamly, on July 22nd, 2010

Mozilla has shipped a mega patch for Firefox to fix a total of 14 moderate to critical security flaws that expose Web surfers to attacks by hackers.

Impact key:

  • Critical: Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
  • High: Vulnerability can be used to gather sensitive data from sites in other windows or inject data or code into those sites, requiring no more than normal browsing actions.
  • Moderate: Vulnerabilities that would otherwise be High or Critical except they only work in uncommon non-default configurations or require the user to perform complicated and/or unlikely steps.

Below is a list of bugs fixed in the latest release:

  • Cross-origin data leakage from script filename in error messages
  • Cross-domain data theft using CSS
  • Multiple location bar spoofing vulnerabilities
  • Characters mapped to U+FFFD in 8 bit encodings cause subsequent character to vanish
  • Same-origin bypass using canvas context
  • Cross-origin data disclosure via Web Workers and importScripts
  • Remote code execution using malformed PNG image
  • nsTreeSelection dangling pointer remote code execution vulnerability
  • nsCSSValue::Array index integer overflow
  • Arbitrary code execution using SJOW and fast native function
  • Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability
  • Use-after-free error in NodeIterator
  • DOM attribute cloning remote code execution vulnerability
  • Miscellaneous memory safety hazards (rv:1.9.2.7/ 1.9.1.11)

2 comments   General   , ,  

What is a Mashup

By Shamly, on July 21st, 2010

In Web development, a mashup is a Web page or application that uses and combines data, presentation or functionality from two or more sources to create new services. Mashups have gained popularity in the last few years.

The term implies easy, fast integration, frequently using APIs and data sources to produce enriched web applications that were not necessarily the original reason for producing the raw source data. Early mashups took data from sources such as google, twitter, etc and combined them with other services to create visualizations of the data.

The mashup architecture is divided into three layers:
Click Here to Read the Full Post →


One comment   General, Software Development   , ,  

A Typical Project Selection Process

By Shamly, on July 16th, 2010

Programmer to Team Leader:

“We can’t do this proposed project. **CAN NOT**. It will involve a major design change and no one in our team knows the design of this legacy system. And above that, nobody in our company knows the language in which this application has been written. So even if somebody wants to work on it, they can’t. If you ask my personal opinion, the company should never take these type of projects.”

Team Leader to Project Manager :

“This project will involve a design change. Currently, we don’t have any staff that has experience in this type of work. Also, the language is unfamiliar to us, so we will have to arrange for some training if we take this project. In my personal opinion, we are not ready to take on a project
of this nature.”

Project Manager to 1st Level Manager :


Click Here to Read the Full Post →


6 comments   General   , , ,