Mozilla releases security fixes for Firefox

By

The Firefox web browser has been patched for security flaws, four of which were identified as "critical" by Mozilla.

The Firefox web browser has been patched for security flaws, four of which were identified as "critical" by Mozilla.

A total of nine security flaws were fixed in the new release.

The patches include a fix for flaws such as one that allows scripts from page content to run with elevated privileges. With this, an attacker could cause an object such as a browser sidebar to interact with web content so that an attacker's code had elevated privileges.

Another bug fixed involved a condition that resulted when navigating away from a web page during the loading of a Java applet. This could have resulted in freed memory that an attacker could write to before it is reused -- and then run arbitrary code on the victim's computer.

The other critical issues were problems of memory corruption crashes, which could be exploited to run arbitrary code, and null owner document event listeners, which could enable a malicious event handler to execute arbitrary JavaScript code.

The new version of Firefox, 3.0.11, is available for Windows, Mac and Linux users. Mozilla said that it strongly recommends that users upgrade to the latest release.


See original article on scmagazineus.com


Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
firefoxfixesformozillareleasessecurity

Sponsored Whitepapers

What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape
Transform IT Service Delivery with Freshworks ITSM
Transform IT Service Delivery with Freshworks ITSM
Digital Transformation That Works in the Real World
Digital Transformation That Works in the Real World
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security
Beyond the Breach: Logicalis Delivers Scalable, Business-Aligned MXDR Security

Events

Most Read Articles

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study

Travel eSIMs secretly route traffic over Chinese and undisclosed networks: study
"Widespread data theft" hits Salesforce customers via third party

"Widespread data theft" hits Salesforce customers via third party
Attackers weaponise Linux file names as malware vectors

Attackers weaponise Linux file names as malware vectors
Home Affairs adds SecOps to new cyber risk overhaul

Home Affairs adds SecOps to new cyber risk overhaul
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?