The open-source group posted fixes for both Firefox 2 and 3, addressing critical vulnerabilities in both versions of the browser along with compatibility and stability fixes.
Firefox 3 received three fixes, each addressing flaws rated as 'critical' by Mozilla. Each flaw could be targeted by an attacker to perform remote code execution attacks on the user's system.
The first of the patches only affects MacOS X users. The vulnerability could allow for an attack launched from a malformed GIF file. The specially-crafted image could be used to cause an application crash which would then leave the system vulnerable to remote code execution.
The second flaw addresses an issue related to the handling of uniform resource identifier (URI) code, which allows external applications to access the browser.
Researcher Billy Rios found that adding certain symbols to a URI could allow an attacker to bypass Firefox's security measures and launch further attacks on the browser, such as the Safari 'carpet bomb' attacks reported last month.
The third vulnerability addresses the way Firefox handles cascading style sheet (CSS) code. An attacker could use a specially-crafted CSS object to cause an application crash which would then allow remote code execution.
Firefox 2 also received updates. The older version of the browser was also found to be vulnerable to the CSS and URI attacks, though a patch for the OS X GIF vulnerability was not deemed necessary.
Users can download both of the updates from Mozilla, though both the US Computer Emergency Response Team (US-CERT) and security group Sans recommend that Firefox 2 users consider upgrading to the new version of the browser, as support for Firefox 2 is set to end later this year.
Firefox gets security tune-up
By Shaun Nichols on Jul 18, 2008 2:57PM