Computer Help Community


Cyber Tech Help Community

New Tutorials

PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   Since I have found C.T.H. my experience has been enhanced and very enjoyable. I am learning and find myself more enclined to be taking than receiving. Hopefully this will change and I will be able to help more .Inthe mean time I have other skills and I will try to read the anything else board and maybe help in other ways. Keep the quality up, and the humour - mickb  Close Member Quote
Member Testimonials


Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Related Microsoft Links

Cyber Tech Help Community

To the top of the page to top


Computing News | Mozilla addresses memory corruption issues in Firefox 2 fix

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Posted by: Tweaker
Date added: 07:59 Thursday, 27th March 2008 GMT
Source: Beta News


Mozilla issued its 13th update to alternative browser Firefox 2, fixing six issues, two of which the company called critical.

"Some vulnerabilities and weaknesses have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system," security firm Secunia said of the fixes.

According to advisories, some of the problems also affect Thunderbird and SeaMonkey. Of the critical issues, "several" issues were fixed that appeared to be memory corruption issues. Mozilla presumes that arbitrary code could be executed with enough effort.

That issue, as well as the other critical update which deals with privilege escalation and code execution risk in Mozilla products, can be exploited through JavaScript. Scripts could be run with elevated privileges and the browser could be used to run cross-site scripting and code execution, it said.

Two high priority fixes were also issued, which dealt with an XUL popup spoof, an a Java issue that could allow for the opening of arbitrary ports on a user's system. Those issues only affected Firefox and SeaMonkey,

Other than that, a moderately rated fix was issued for an HTTP referrer spoofing risk, and a low-priority fix for a privacy issue with SSL client authentication.

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News


Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.


[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]