Home » News » Secunia Reports Security Bugs ...

News by JavaScriptSearch


Secunia Reports Security Bugs in Firefox; Mozilla Updates Browser

 

JavaScriptSearch
Thursday, July 27, 2006; 04:39 AM

Security company Secunia reported multiple serious vulnerabilites in the 1.5 branch of the Firefox browser. The Mozilla Foundation, which developed and supports Firefox, responded quickly by updating the software to v.1.5.0.5.  The latest update is not affected by the bugs.


Secunia said it has discovered multiple threats to Firefox users, and qualified them as "highly critical." Secunia uses a five-level criticality rating that ranges from "not critical" (the lowest critcicality level) to "extremely critical" (the fifth level) The vulnerabilities in Firefox were rated as belonging to the fourth rank.

The vulnerabilities are related to Firefox's handling of JavaScript and DOM methods.  They can be exploited to cause cross site scripting, denial of service attacts and remote access to a user's computer system.

Mozilla developers discovered and reported some of the bugs that Secunia listed on its site at http://secunia.com/advisories/19873/. Many Firefox user will get their browser auto-updated.  Manual download of the latest version is available at http://www.mozilla.com/firefox/releases/1.5.0.5.html.

In a separate security advisory by antivirus software vendor McAffee, the existence of a Firefox-specific trojan was reported.  The malicios software attempts to install itself as an extension to the browser, giving more weight to the argument that market share is co-related to security issues.  

Advertisement

Partners

Related Resources

Other Resources

arrow