Mozilla releases security fixes for Firefox

By

The Firefox web browser has been patched for security flaws, four of which were identified as "critical" by Mozilla.

The Firefox web browser has been patched for security flaws, four of which were identified as "critical" by Mozilla.

A total of nine security flaws were fixed in the new release.

The patches include a fix for flaws such as one that allows scripts from page content to run with elevated privileges. With this, an attacker could cause an object such as a browser sidebar to interact with web content so that an attacker's code had elevated privileges.

Another bug fixed involved a condition that resulted when navigating away from a web page during the loading of a Java applet. This could have resulted in freed memory that an attacker could write to before it is reused -- and then run arbitrary code on the victim's computer.

The other critical issues were problems of memory corruption crashes, which could be exploited to run arbitrary code, and null owner document event listeners, which could enable a malicious event handler to execute arbitrary JavaScript code.

The new version of Firefox, 3.0.11, is available for Windows, Mac and Linux users. Mozilla said that it strongly recommends that users upgrade to the latest release.


See original article on scmagazineus.com


Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

CBA using facial recognition logins to verify disputed payments

CBA using facial recognition logins to verify disputed payments

Qantas obtains court order to prevent third-party access to stolen data

Qantas obtains court order to prevent third-party access to stolen data

Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage

Cloudflare makes changes to avoid repeat of 1.1.1.1 DNS outage

Researchers demo AI-crippling GPUHammer attack

Researchers demo AI-crippling GPUHammer attack

Log In

  |  Forgot your password?