Skip to content

Biting the hand that feeds IT

The Register ®

Security:


Find It

Related Whitepapers

[Print][Mobile][Alerts]

Firefox under fire from multiple security bugs

21 reasons to update Mozilla software

Published Tuesday 18th April 2006 10:05 GMT

The Mozilla Foundation has warned of a slew of critical vulnerabilities to its popular Firefox web browser and related products. The most serious of the flaws create a means for hackers to inject malware onto vulnerable systems. Other flaws would make it easier to construct phishing attacks or swipe sensitive information from PCs running Firefox.

Mozilla products fail to properly enforce security restrictions in JavaScript and are subject to memory corruption via maliciously constructed HTML tags. There's also problems with how the products handle Cascading Style Sheets which leave open security holes that might allow the execution of arbitrary code on a vulnerable system. US CERT has produced a useful overview of the vulnerabilities, the most extensive ever to affect Mozilla products, here. Secunia documents the 21 vulns here.

Users are advised to upgrade to Mozilla Firefox 1.5.0.2, Mozilla Thunderbird 1.5.0.2, or SeaMonkey 1.0.1 to guard against attack. A security update to the Thunderbird email client (version 1.5.0.2) is due to be released on Tuesday. ®

Track this type of story as a custom Atom/RSS feed or by email.
Previous Article Next Article
whitepaper title

The Perfect (Virtual) Marriage

Get consistent virtual machine storage savings of 50% (often as high as 90%) with virtually no performance impact with NetApp deduplication..
whitepaper title

Gartner Paper: US Data Centers

U.S. enterprise data centers face considerable space and energy constraints over the next few years. Download this free independent report to read more..
Whitepapers

Top 20 storiesAll The Week’s HeadlinesArchiveSearch