Firefox
Nine advisories cover 'critical' and 'high risk' flaws
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
Jargon Buster

ADVERTISEMENT

Mozilla issues 'critical' Firefox fixes

Update addresses a number of security issues

Shaun Nichols in California, vnunet.com 28 Mar 2008
ADVERTISEMENT

Mozilla has issued a Firefox update addressing a number of security issues in the popular open source browser.

The nine advisories cover vulnerabilities ranging from the ability to spoof pop-up windows to the possibility of remote execution of malicious code.

Among the most serious is a flaw in Firefox's handling of JavaScript code. Specially-crafted JavaScript code could compromise the browser and allow remote execution of code or a cross-site scripting attack.

The vulnerability was rated 'critical', the highest of Mozilla's four threat levels.

The second 'critical' flaw addressed a group of non-specified updates which, if exploited, could lead to a memory corruption error that could then allow an attacker to access the targeted system and remotely execute code.

Mozilla also issued updates for a pair of 'high risk' flaws, including a vulnerability in the Java component which could allow an attacker to access arbitrary connection ports.

Another 'high risk' flaw could allow an attacker to spoof pop-up windows on the target system.

Other fixes are for a vulnerability that could allow for the spoofing of URL referrers, and a set of vulnerabilities which could allow for cross-site scripting.

See also:

Microsoft
Standards-based IE8 shows 'new Microsoft'
Software giant makes break with proprietary past  26 Mar 2008
Mozilla
Mozilla raps Apple over Safari bundling
CEO criticises decision to push browser as an 'update'  25 Mar 2008
Mozilla Thunderbird
Mozilla launches Messaging subsidiary
Thunderbird 3 is go  19 Feb 2008
Firefox
Firefox 3 Beta 3 ready for download
Experts only, warns Mozilla  13 Feb 2008

All Bugs & Fixes
Tags: Firefox, Hacking, Ecommerce, Security

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Network Support Analyst - 229120HD
Milton Keynes, Buckinghamshire, United Kingdom | Getronics
Getronics is one of the UK's leading providers of Information and Communication Technology (ICT) services and solutions, focusing on workspace management, application services and consulting & transformation services. Getronics helps organisations raise their performance and ... more >
WEB PROJECT MANAGER
LONDON, Camden, United Kingdom | Stream UK
WEB PROJECT MANAGER Based in the heart of Camden, Stream UK is a dynamic company witharound 30 members of staff. As leaders in supplying the needs relating to internet and broadcast convergence, we are involved ... more >
National Grid
United Kingdom | National Grid
Critical National Infrastructure (CNI) iGMS Domain Specialist, Hinckley,£38,000 - £44,000 National Grid is the largest utility in the UK and the second largest utility in the US. We play a vital role in delivering gas ... more >
Chief Enterprise Architect
Bristol / Flexible, United Kingdom | Environment Agency
Chief Enterprise Architect, Bristol / Flexible, Salary and package to attract the best You will lead and define the long term technical road map ensuring that new projects and technologies fit with the strategic vision ... more >
More job opportunities
Useful links: About us . Privacy policy . Terms & conditions . Site map . Bookmark this site . Accessibility
Consumer Technology websites:
Active Home Product reviews, competitions, news
Computeractive Software reviews, hardware reviews, buyers' guides, workshops, downloads
Gizmodo the daily gadget blog: technology news and reviews
PC Magazine your personal guide to technology
PCW software product reviews, hardware product reviews, buyers' guides, competitions
WebAct!ve what's happening on the web
What PC? helping you purchase the right computer, digital camera, peripherals, gadgets and more
Blogs:
Test Bed The PCW Labs blog, PCW Inter@ctive A reader blog from PCW. Your views, your comments, your say, Windows Watch Keeping an eye on the latest XP % Vista news
Jobs & Recruitment websites:
Accountancy Age Jobs Accountant jobs, jobs in finance, audit jobs, cima jobs, acca jobs, corporate finance jobs, management accounting jobs, finance director jobs, finance recruitment agency directory, Top 50 accountancy firms, accountant salary survey
Computing Careers IT jobs, Programmer jobs, Developer jobs, IT manager jobs, Project manager jobs, SAP jobs, Oracle Jobs, Java Jobs, IT recruitment agency directory, Top IT Employers 2005
Inquirer Jobs Software Engineer Jobs, firmware developer jobs, electronics engineer jobs
Other titles in the Incisive Media network:
Business Technology websites: BusinessGreen . Computing . Computing Business . CRN . The Inquirer . IT Week . vnunet.com
Business & Finance websites: Accountancy Age . Best Practice . Financial Director . Management Consultancy
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503