Members Login
Username 
 
Password 
    Remember Me  
Post Info TOPIC: Firefox 3 vulnerability found


The Chosen Woo

Status: Offline
Posts: 21048
Date:
Firefox 3 vulnerability found


Firefox 3 vulnerability found

Tipping Point ranked the severity of Firefox 3's vulnerability as high, but said users would have to click on a link in an e-mail or visit a malicious Web page before being affected


dot_t.gif

By Nancy Gohring, IDG News Service


June 19, 2008

Five hours after Mozilla officially released Firefox 3.0, researchers found a vulnerability in the new browser.

Tipping Point has verified the bug and reported it to Mozilla, Tipping Point said on Wednesday.

Since Mozilla is still working on a fix, the researchers won't share details about the problem. Tipping Point ranked the severity of the vulnerability as high, but said that users would have to click on a link in an e-mail or visit a malicious Web page before being affected. The issue affects users of Firefox 3.0 as well as Firefox 2.0.

Once the problem is fixed, Tipping Point will publish an advisory on its Web site, it said.

[ Firefox's major update scores big with unprecedented ease, snappier performance, and sensible security features. Read the Test Center's full review. ]

Tipping Point found out about the vulnerability through its Zero Day Initiative, which lets researchers earn cash by submitting new vulnerabilities to the company. Once Tipping Point validates the issue, it pays the researcher for the information and notifies the relevant software vendor of the technical details.

Mozilla did not respond to a request for comment.

Mozilla launched its newest browser on Tuesday along with a marketing stunt that went a bit wrong. The company announced that it wanted to set a Guinness World Record for the largest number of software downloads in a 24-hour period. However, the volume of downloads crippled Mozilla's site , and so customers in the U.S. couldn't begin downloading the software until two hours later than expected. Still, Mozilla said it logged more than 8 million downloads within 24 hours. There is currently no record for number of software downloads in a day, but Mozilla must now wait for review of the stunt by Guinness officials.



__________________
"Am I speaking in a language you're not getting here?"


Permanent Vacation



Status: Offline
Posts: 23086
Date:

#^@\!!  

But it sounds like the vulnerability was in 2.0 too, so I guess I didn't necessarily download it too early.

-- Edited by MzHartz at 07:52, 2008-06-19

__________________

tumblr_maefr2j2Bt1rrd8d6o1_500.gif

 



Permanent State of Confusion

Status: Offline
Posts: 27006
Date:

Hate when that happens.

__________________

Stop trying to be what you see. Be what you ought to be.



King of the Ring

Status: Offline
Posts: 4941
Date:

I am sure Internet Explorer has a few more than Firefox.

smile

__________________



Doesn't Do Windows



Status: Offline
Posts: 25589
Date:


Yeah, they will get it fixed and Firefox will auto update pretty quickly. They won't make you wait until the monthly "Patch Tuesday" to fix it like those other guys do.



__________________


Page 1 of 1  sorted by
 
Quick Reply

Please log in to post quick replies.

Tweet this page Post to Digg Post to Del.icio.us


Create your own FREE Forum
Report Abuse
Powered by ActiveBoard