News Stay informed about the latest enterprise technology news and product updates.

Mozilla fixes Firefox flaws

Attackers could exploit multiple flaws in Firefox, SeaMonkey and Thunderbird to crash machines, bypass security restrictions and launch malicious code.

Mozilla has fixed multiple flaws in Firefox, SeaMonkey and Thunderbird that attackers could exploit to bypass security...

restrictions, crash machines and run malicious code. The issues do not appear to affect the recently-released Firefox 2.0.

Firefox in the news:
Poll: Firefox vs. IE 7

Security Blog Log: Dissecting Firefox 2.0

Firefox fans unfazed by IE 7

What if Firefox were the target?

The pros and cons of migrating to Firefox

How to switch an enterprise from IE to Firefox

According to three advisories Mozilla released Tuesday:

  • Attackers could exploit several unspecified glitches to corrupt system memory, crash machines and possibly run malicious code. Mozilla noted that Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were enabled in mail.

  • RSA digital signatureswith a low exponent could be forged. The flaw was corrected in the Mozilla Network Security Services (NSS) library version 3.11.3 used by Firefox 2.0 and current development versions of Mozilla clients, but Firefox was still vulnerable to attack.

  • Attackers could modify a script object while it is executing and launch malicious JavaScript code as a result.

    The problems are rated critical by Mozilla and are fixed in Firefox, Thunderbird and SeaMonkey 1.0.6.

    The issues do not appear to affect the recently released Firefox 2.0, which included a variety of security tweaks and a new anti-phishing feature.

  • Dig Deeper on Web browser security



    Find more PRO+ content and other member only offers, here.

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.







    • CIO Trends #6: Nordics

      In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

    • CIO Trends #6: Middle East

      In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

    • CIO Trends #6: Benelux

      In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...