iTWire - More critical security flaws revealed and fixed in Firefox 2

Today on iTWire iPhone IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Discuss Events IT&T JOBS

IT NEWS Sustainability

- Virtualisation

Technology news and Jobs

TAG

More critical security flaws revealed and fixed in Firefox 2

PDF

E-mail

by Stephen Withers
Wednesday, 02 July 2008
! Firefox 3 arrived with a bang last month, but its predecessor is still being maintained. Version 2.0.0.15, released this week patches a dozen security flaws, five of them rated critical. Related stories Dark matter and ordinary matter separate as two massive galaxies collide Optus: Telstra “threatened” by our rapid network expansion Should you fly the capped mobile broadband skies with iPrimus? Telstra challenges “ludicrous” Optus to get “independent audit” Why Pod when you can Plum? At least two of the critical vulnerabilities permit the execution of arbitrary code, and another involves crashes with memory corruption, often taken as a sign that it may be possible to exploit the bug to trigger code execution. Among the four high impact vulnerabilities fixed in 2.0.0.15 is one that's specific to Java LiveConnect on Mac OS X and allows arbitrary socket connections. Another in the category could be exploited to trigger the upload of arbitrary files. Two of the remaining vulnerabilities were judged to be of moderate impact, and one was rated low (the category used for minor security vulnerabilities such as Denial of Service attacks, minor data leaks, or spoofs). Mozilla has not yet published security advisories for these bugs. One possible explanation is that a critical flaw found in Firefox 3.0 also existed in version 2.0.x, and a fix for the the new browser has yet to be released. Even with the development of Firefox 3, there has been no shortage of updates for its predecessor during 2008. Version 2.0.0.14 appeared in April, 2.0.0.13 in March, and 2.0.0.12 in February. All contained one or more critical fixes. Around 28 million copies of Firefox 3.0 have been downloaded from Mozilla's network or mirror sites. According to Net Applications, Firefox 2 accounts for 16 percent of web usage, with Firefox 3 taking 2 percent. That's quite different from iTWire's readership, which is over 30 percent Firefox 3 and over 25 percent Firefox 2. Please enable JavaScript in your browser to post your comment! Tags See All Tags Browsers Firefox Internet Internet Explorer Security Stephen Withers Web Get stories like this delivered daily - FREE - subscribe now

< Next story in category		Previous story in the category >

Sponsored Releases

PMPerfect Releases Online PMP Exam Practice for Professionals

...Promote yourself here

Latest jobs

SAP BASIS Consultant - Great rates offered
DB2 DBA
Specialised Applications Support
Developer - .Net
Certified Trainer - Business Intelligence
$$ Network Operations Analyst $$ - Permanent
Solution Architect - $710/day - 12 months contract
Communications Manager
Appbuilder / Cool:Gen Developers
Solutions Designer - Datawarehousing
Release Manager - SAP implementation
Oracle Change Data Capture Specialist
Tester / Performance Analyst x 5
SAP FI Consultant
SAP ABAP Consultant - with Payroll knowledge
Contracts Officer
Project Manager - Unified Comms
Release Manager - 12 month contract
Platform Architect
Oracle Developer - Brisbane based - 2 years

Subscribe to our free e-newsletter

First name:
Last name:
Your email address:
Your role:
Your industry:

Australian state:
Country:
Enter the security code shown:
mandatory

Being discussed now

Contact , Register , Advertise with iTWire , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page

Industry Releases , Submit your release now

website free tracking