Critical Bugs Patched in Older Versions of Firefox

The critical flaws are in Firefox 3.5.8 and Firefox 3.0.18.

 By Kara Reeder
Page of   |  Back to Page 1
Print Article
Mozilla has patched five vulnerabilities in older editions of Firefox. Computerworld reports that three of the vulnerabilities are rated as "critical."

The critical flaws are in Firefox 3.5.8 and Firefox 3.0.18 and affect the browsers' Gecko rendering engines, the HTML parsers, and their implementations of Web Worker. The bugs could allow a hacker to inject their own malware onto the machine. According to this advisory:

Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

The remaining two vulnerabilities are rated "moderate" and could be exploited in cross-site scripting attacks.

Firefox 3.6 does not need to be updated as the vulnerabilities were addressed when the browser shipped on Jan. 21.

This article was originally published on Feb 18, 2010
Get the Latest Scoop with Networking Update Newsletter