Firefox version 188.8.131.52 includes a cumulative fix for bugs leading to crashes and a fix for the way Script object modifies XPCNativeWrappers.
Mozilla disclosed on Thursday that some of the crash-causing issues could eventually be exploited to run arbitrary code on a victimized PC.
The distribution also patched a flaw in Firefox for Windows XP with Internet Explorer 7 installed that occurs with a malformed URI. Billy (BK) Rios and Nate Mcfeters were credited with disclosing the flaw.
The fix detects when Windows would mishandle such URIs so that the wrong program does not get launched, according to Mozilla's advisory.
The Mountain View, Calif.-based company also patched a “moderate” flaw in Firefox and SeaMonkey that could allow file stealing through a URI scheme.
The vulnerability, reported by Georgi Guninski, can be exploited if an attacker stores a malicious page on a server and lures a victim into loading it.
Also fixed were moderate flaws in Digest Authentication request splitting and file upload control, as well as low-danger flaws in XUL pages and onUnload Tailgating.
The group of flaws earned a “critical” ranking from FrSIRT in an advisory released today, and a “highly critical” ranking from Secunia.
Rene Gonzalez, product manager at Lumension, an endpoint security vendor, said that as Firefox becomes more popular, it will also receive increased attention from researchers.
“The trend seems to be with the browser. Every month they have a new update for the browser, and as it becomes more popular, more vulnerabilities become prominent on the desktop,” Gonzalez told SCMagazineUS.com today.
See original article on SC Magazine US
Mozilla patches eight flaws, two critical, in Firefox
By Frank Washkuch on Oct 22, 2007 11:25AM