Fix issued for ‘critical’ Firefox flaws
March 28, 2008
Mozilla has released an update for its open source browser, Firefox. The fix corrects various security-related problems with the browser.
There are nine flaws addressed in the update, including two ‘critical’ flaws. ‘Critical’ is the highest risk level in Mozilla’s threat rating system.
One of the two critical vulnerabilities concerns the way in which Firefox handles JavaScript code. Specially crafted JavaScript could potentially exploit the fault, taking control of the browser so that an attacker could remotely execute code or launch a cross-site scripting attack.
The other fix addresses a group of unknown flaws which might be exploited to cause a memory corruption error, which would then enable access to the victim’s system and the remote execution of code.
Among the other issues fixed were three ‘high risk’ flaws, which included a weakness in the Java component which could lead to an attacker being able to access arbitrary connection ports.
Another is a fault letting attackers spoof pop-up windows on the target system.
The other fixes deal with a weakness which puts the system at risk from spoofed URL referrers, and a group of faults which leave room for cross-site scripting attacks.

