Critical Bugs Patched in Older Versions of Firefox

The critical flaws are in Firefox 3.5.8 and Firefox 3.0.18.

 By Kara Reeder | Posted Feb 18, 2010
Page of   |  Back to Page 1
Print Article
Mozilla has patched five vulnerabilities in older editions of Firefox. Computerworld reports that three of the vulnerabilities are rated as "critical."

The critical flaws are in Firefox 3.5.8 and Firefox 3.0.18 and affect the browsers' Gecko rendering engines, the HTML parsers, and their implementations of Web Worker. The bugs could allow a hacker to inject their own malware onto the machine. According to this advisory:

Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

The remaining two vulnerabilities are rated "moderate" and could be exploited in cross-site scripting attacks.

Firefox 3.6 does not need to be updated as the vulnerabilities were addressed when the browser shipped on Jan. 21.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter

By submitting your information, you agree that enterprisenetworkingplanet.com may send you ENTERPRISENetworkingPLANET offers via email, phone and text message, as well as email offers about other products and services that ENTERPRISENetworkingPLANET believes may be of interest to you. ENTERPRISENetworkingPLANET will process your information in accordance with the Quinstreet Privacy Policy.