Sunday, August 5, 2007

Mozilla Fixes 2 Crucial Bugs in Firefox

Mozilla has released version 2.006 of its mainstream browser Firefox, which fixes 2 very important security vulnerabilities. This fix has been introduced just before the launch of the infamous BlackHat security conference in Las Vegas this week.

Among the two fixes, one of them - MFSA 2007-27- takes care of an issue where Firefox did not properly encode spaces and double-quotes while parsing URLs. This allowed execution of any program installed at a known location and would allow enough access to a compromised system to completely taken over. The second, and smaller fix - MFSA 2007-26 - corrects a bug that was introduced by the fix for an earlier vulnerability. This vulnerability would allow escalation attacks against add-ons that create "about: blank" windows.
source:tech2.com

Posted by Admin at 2:00 AM

Subscribe to: Posts (Atom)