August – 2019 – IT Assurance and Cyber Security, University of Otago, New Zealand

» Home > 2019 >

Master password bug in Firefox

Friday, August 16th, 2019 | Mark Bedford | Comments Off on Master password bug in Firefox

The Mozilla Foundation have advised of a bug (Bug 1565780) in the use of stored passwords.

August 14, 2019; CVE-2019-11733: Stored passwords in ‘Saved Logins’ can be copied without master password entry

When a master password is set, it is required to be entered before stored passwords can be accessed in the ‘Saved Logins’ dialog. It was found that locally stored passwords can be copied to the clipboard thorough the ‘copy password’ context menu item without first entering the master password, allowing for potential theft of stored passwords.

Any views or opinion represented in this site belong solely to the authors and do not necessarily represent those of the University of Otago. Any view or opinion represented in the comments are personal and are those of the respective commentator/contributor to this site.

IT Assurance and Cyber Security

Categories

Pages

Meta

Monthly Archives: August 2019