Tuesday, May 10, 2005

There goes Firefox

In case you don't already know.
Two critical and uncorrected security flaws in the popular open source Firefox browser have quickly attracted designed to exploit the flaws.The flaws allow a potential attacker to run malicious code on a machine using the web browser, Firefox's parent the Mozilla said in a security advisory posted on its website.[...]

  article

Mozilla website explanation...
Yesterday, we reported that an arbitrary code execution vulnerability has been discovered in Mozilla Firefox. Today, the Mozilla Foundation published an advisory, MFSA 2005-42, which we urge all our readers to examine carefully. In summary, there are two separate issues that can be combined to execute arbitrary code on a victim's computer: one relating to JavaScript code injection and another involving the icon URL used in the software installation dialogue. However, as described below, the potential for arbitrary code execution is no longer a threat for most users. [...]
Rest of the story.

No comments:

Post a Comment

Comments are moderated. There may be some delay before your comment is published. It all depends on how much time M has in the day. But please comment!