Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Six Security Vulnerabilities Disclosed By Mozilla

According to the news in Secure computing on June 1, 2007, Mozilla has come up with six security-advising bodies on Wednesday (May 30, 2007), which has detected flaws in its Sea monkey, Thunderbirds, and Fire fox programs.

The most important part of this flaw in Firefox, SeaMonkey, and Thunderbirds is that, if exploited, it can result in to crashes.

Some mistakes have been detected in Mozilla Firefox, and they can be used by hackers to surpass security norms, hold spoofing task, and exploit a system. According to an advisory, the investigators of Mozilla have supposed the flaw to allow an arbitrary code.

According to the news published by Itweek on May 31, 2007, Mozilla said that since Thunderbird is sharing the browser engine with Firefox, it can be more dangerous if JavaScript will work through mail.

Since the flaws affect the previous versions, the programs have released new versions like Firefox and and SeaMonkey 1.1.2 and 1.0.9, and Thunderbird and The users of Mozilla should update these versions frequently as the hackers can easily insert deadly codes in previous versions.

Mozilla also cautioned against a highly effective cross-site scripting bug in Fire fox, which can be used for infecting sites with harmful codes. Further, it was suggested to the users not to use Java Script till a fresh version is downloaded.

A Calif-based organization, The Mountain View, fixes low effective vulnerabilities in XUL popup spoofing, cookie handling and form auto complete with moderate security vulnerability in SeaMonkey, and Thunderbird APOP Authentication.

Director of Qualys' vulnerability research lab, Amol Sarwate, said to SCmagazine that Mozilla has done a great job in categorizing the flaws' risk.

According to the news published in Secure computing on June 1, 2007, Sarwate acknowledges the great job of Mozilla in ranking the vulnerabilities. The first flaw (a memory corruption flaw) is important due to which many websites gets deadly codes on it.

In an advisory released on Wednesday, FrSIRT categorized the first six mistakes as the most important. On the other hand, Secunia cites four mistakes and ranked them as "most important", in an advisory released today (May 31, 2007).

Third parties, such as Yahoo, Google, Face book provides an extension have been informed about the bug but still have not been provide with a patch.

Related article: SEC Imposes Trading Ban on 35 Companies

ยป SPAMfighter News - 6/12/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page