Mozilla Patches Some Firefox Holes

Mozilla updated its flagship Firefox browser to version and
the legacy version to release 1.5.10. The updated browser fixes at least seven flaws, including a password vulnerability bug rated critical last November.

The Mozilla Foundation Security Advisory 2007-02, broadly titled “Improvements to help protect against Cross-Site Scripting attacks,” provides a fix for the password vulnerability flaw. The advisory is listed as having low impact, though the original bugzilla entry page for
the password flaw listed the flaw as critical.

According to Mozilla’s advisory, Firefox and both contained
several small changes that are intended to make it easier for sites to
protect visitors against Cross-Site Scripting (XSS) attacks.

The one critical bug identified by Mozilla in the latest release is a
crash condition that could lead to a memory corruption, according to Mozilla’s advisory.

“Some of these were crashes that showed evidence of memory corruption and we
presume that with enough effort at least some of these could be exploited to
run arbitrary code,” the advisory said.

This article was first published on To read the full article, click here.

Sean Michael Kerner
Sean Michael Kerner
Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

Latest articles

Top Cybersecurity Companies

Related articles


Please enter your comment!
Please enter your name here