First CSS3 security bug found, patched?

February 24th, 2007 by Peter Gasston 2 comments, leave your own »

The latest security update of Firefox, 2.0.0.2, provides a fix for a possible spoofing attack using the CSS3 cursor property.

As far as I’m aware, this is the first known security hole which uses CSS3 properties; perhaps someone can correct me if I’m wrong.

These icons link to social bookmarking sites where readers can share and discover new web pages.
  • bodytext
  • del.icio.us
  • Reddit
  • Mixx
  • TwitThis
  • E-mail this story to a friend!
  • Print this article!
February 24th, 2007 by Peter Gasston in Browsers. You can leave a response, or trackback from your own site.

2 Comments to “First CSS3 security bug found, patched?”

  1. Robin Says:
    February 25th, 2007 at 6:29 pm

    There’s the old :visited hole but that’s not CSS3 specific, just CSS. Also, it’s more of a privacy than a security issue.

  2. Weblog de Brainet » Archivo del weblog » Bug de seguridad en CSS3 Says:
    February 26th, 2007 at 12:14 pm

    [...] First CSS3 security bug found, patched? [...]

Leave a Comment