Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Keep up the good work and thank you all. I recommend you to all my friends whom have problems. I tell them to come here, read, and post. Have a good day - moon15431  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Technet

Expert Zone Community
Services
Cyber Tech Help Community

To the top of the page to top

 



Computing News | Mozilla addresses memory corruption issues in Firefox 2 fix

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Posted by: Tweaker
Date added: 07:59 Thursday, 27th March 2008 GMT
Source: Beta News

Firefox

Mozilla issued its 13th update to alternative browser Firefox 2, fixing six issues, two of which the company called critical.

"Some vulnerabilities and weaknesses have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system," security firm Secunia said of the fixes.

According to advisories, some of the problems also affect Thunderbird and SeaMonkey. Of the critical issues, "several" issues were fixed that appeared to be memory corruption issues. Mozilla presumes that arbitrary code could be executed with enough effort.

That issue, as well as the other critical update which deals with privilege escalation and code execution risk in Mozilla products, can be exploited through JavaScript. Scripts could be run with elevated privileges and the browser could be used to run cross-site scripting and code execution, it said.

Two high priority fixes were also issued, which dealt with an XUL popup spoof, an a Java issue that could allow for the opening of arbitrary ports on a user's system. Those issues only affected Firefox and SeaMonkey,

Other than that, a moderately rated fix was issued for an HTTP referrer spoofing risk, and a low-priority fix for a privacy issue with SSL client authentication.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]