Firefox, IE Affected By Zero Day Flaws
According to the news by Search security on June 5, 2007, Vulnerability Researcher Michael Zalewski has come up with complete details of four fresh zero day flaws in Internet Explorer (IE) and Firefox, which could be misused to steal cookies, download malware or log keystrokes.
According to the news in Itweek on June 5, 2007, Michael Zalewski - security researcher - has highlighted two mistakes within both the browsers in a posting to the Full Disclosure mailing list.
According to Secunia, the security firms, this year, almost same kind of worms have affected Firefox and IE, but IE has been captured by more serious viruses than Firefox. According to a report, Mozilla claims that Firefox 18.104.22.168 and 22.214.171.124 update releases had worms that can permit the use of remote system.
As per the news by Search security on June 5, 2007, Zalewski wrote, that about a series of focus operations that could be used for surpassing delay timers marked on certain Firefox confirmation dialog, enabling the hacker to download file without the consent of the user. It also has a flaw that can lead to the exploitation of confirmation dialog.
According to the CSO online on June 5, 2007, Mozilla said that some of these problems showed the proof of corruption of memory under some situations and, moreover, some of these could be misused to run arbitrary code.
According to CSO online on June 5, 2007, last week Mozilla foundation made an announcement that it had settled several flaws in Firefox browser and viruses in the Thunderbird and SeaMonkey system.
» SPAMfighter News - 19-06-2007