Firefox add-on Greasemonkey slips up
The Mozilla Foundation is making available an update for a critical security flaw in Greasemonkey, an extension to the Firefox browser.
Greasemonkey is a popular add-on used to customize the design and behavior of Web pages. The flaw could let attackers read any file on a user's local hard drive and list the contents of local directories. The update, Greasemonkey 0.3.5, was released Monday, according to the download page on the Mozilla Foundation's Web site. The Mozilla Foundation coordinates Firefox development and marketing.