Mozilla Plugs Firefox Bugs

Mozilla Firefox is now available and developers have fixed five bugs tagged as “critical.”

Mozilla Foundation Security Advisory (MFSA) 2006-20 is a fix for crashes that were caused by DHTML.

According to the advisory, “some of these crashes showed evidence of memory corruption that we presume could be exploited to run arbitrary code with enough effort.”

MFSA 2006-22 is titled, “CSS Letter-Spacing Heap Overflow Vulnerability” and could have potentially led to a condition whereby and attacker could run arbitrary code.

MFSA 2006-24 also carriers a “critical” rating and involves a privilege escalation flaw in the crypto.generateCRMFRequest method.

Versions of Firefox prior to the new release were also potentially susceptible to a flaw which could have put them at risk simply by doing a “Print Preview.” MFSA 2006-25, titled, “Privilege escalation through Print Preview,” addresses this flaw.

MFSA 2006-28 fixes a flaw that allowed a JavaScript security check function to be circumvented.

The new Firefox isn’t just a security update; it also provides universal binary support for Apple MAC OSX on Intel Core processors.

This article was first published on To read the full article, click here.

Sean Michael Kerner
Sean Michael Kerner
Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

Top Products

Related articles