Mozilla Patches Things UpMozilla Patches Things Up
Days after Firefox's zero-day scare, Mozilla patches a new crop of vulnerabilities
October 5, 2006
As it turns out, there were some flaws in Mozilla's software after all.
The open source company today issued a series of patches for vulnerabilities exposed recently in Firefox, Thunderbird, and SeaMonkey, and recommended that users patch their systems immediately.
The patches come on the heels of a scare over a "zero-day" vulnerability in Firefox that was alleged by a hacker at the ToorCon conference earlier this week. In the end, the scare was overblown -- the hacker later conceded that the vulnerability only allows users to crash the browser, not control it. (See Zero-Day: Won't Go Away.)
The new vulnerabilities are very real, experts say. Two researchers -- Fernando Ribeiro and Priit Laes -- separately found errors that could lead to denial of service attacks, and possibly remote code execution, in Mozilla software.
Aside from the named discoveries, Mozilla reported "multiple unspecified vulnerabilities" in Firefox, Thunderbird, and SeaMonkey that could allow an attacker to cause a denial of service, corrupt memory, "and possibly execute arbitrary code."
Mozilla users can eliminate the vulnerabilities by installing patches and updates, the vendor said.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Quantifying the Gap Between Perceived Security and Comprehensive MITRE ATT&CK Coverage
Get the Gartner Report: SOC Model Guide
Building Immunity: The 2021 Healthcare and Pharmaceutical Industry Cyber Threat Landscape Report