Firefox 3.0.8 Fixes Two Critical Security Issues Found in Firefox 3.0.7
Mozilla had just released its latest Firefox 3.0.8 fixing two critical security holes found in their previous Firefox 3.0.7
Security Issue #1
Arbitrary code execution via XUL tree element
Description: Security researcher discovered that the XUL tree method _moveToEdgeShift was in some cases triggering garbage collection routines on objects which were still in use. In such cases, the browser would crash when attempting to access a previously destroyed object and this crash could be used by an attacker to run arbitrary code on a victim’s computer.
Security Issue #2
XSL Transformation vulnerability
Description: Security researcher discovered that an XSL stylesheet could be used to crash the browser during a XSL transformation. An attacker could potentially use this crash to run arbitrary code on a victim’s computer.
Users who are currently browsing with the Mozilla’s Firefox 3.0.7 are strongly advised to upgrade to the latest Firefox 3.0.8 by following the link here.
Update: Firefox 3.1 Alpha 2
-
http://n/a shirl murray
Recent Articles
- How To Enable Windows 8 Aero Glass-Style Transparency Effect
- BBC iPlayer Finally Arrives on Windows Phone 8 Free Download
- Viber Desktop for Windows & Mac Desk with Video Calling Feature
- Enable SugarSync to Sync External USB and Network Drives
- Sony Xperia ZR Waterproof Smartphone Allows Underwater Full HD Video Shooting