I have a Microsoft Visual Studio 2005 installed on my laptop. And it told me to debug the Firefox’s unhandled exception! Is this part of Firefox’s weakness?

A weakness has been discovered in Firefox, which can be exploited by malicious people to disclose system information.

The weakness is caused due to file path information being included in certain exceptions being thrown by the browser. This can e.g. be exploited to disclose the full installation path by calling the “window.sidebar.addSearchEngine()” JavaScript function with invalid parameters.

This may reportedly also be exploited to disclose the full path to the user’s profile via errors thrown in installed extensions.

The weakness has been confirmed in version 1.5.0.3. Other versions may also be affected. Secunia.com

My lecturer always told me that EXCEPTIONS MUST BE HANDLED APPROPRIATELY. Did Firefox’s people miss something? 😀 FYI, I’m running Firefox 1.5.0.7.

UPDATE: This exception STILL exists in the most recent Firefox 2.0!!! I discovered it today!