I.T. Vibe
Latest Business Communications Gaming General Security Technology Virus  
   Member Services
Login
Register
   General Services
Contact Us
Merchandise
Toolbar
RSS Feeds
Other Formats
   Site Search
 
Advanced Search
   News Alerts
Enter your email address to receive news alerts
 
View Privacy Policy
Unsubscribe
   Information
Latest Virus Alerts
Internet Threat Level
Internet Traffic Report
   Opinion Poll
Macs - Love Them or Hate Them? Place your votes now.
Love 'em
Hate 'em
Indifferent
Reader Comments: 0
View All Polls
Two critical vulnerabilities in Firefox 1.0.3
Monday, May 09, 2005 at 20:28 by Laurence Norah
Online security advisory firm Secunia have posted details of two extremely critical vulnerabilities in the Mozilla Firefox web browser software. Currently unpatched, the flaws can be exploited to conduct cross site scripting attacks which can result in a user's system being compromised.

The vulnerabilities exist in the latest version of the Firefox product (1.0.3), and it is believed that the Mozilla Foundation are currently working on producing a 1.0.4 release to address the problems.

At the time being users running the Firefox browser are being advised by the Mozilla Foundation to disable Javascript until a fix is issued. It is also recommended that users disable software installation.

These two high severity bugs are not good news for the Firefox browser, which is trying to establish itself as a secure alternative to Internet Explorer. Firefox 1.0.3 was released less than a month ago, and 1.0.2 only three weeks before that. Still, users can gain some solace in the fact that Mozilla do seem to turn bugs around in record time.

When a patch comes out, which we expect to happen very soon, we would strongly urge all Firefox users to install it. In the meantime, either follow the suggestions provided, or use an alternative browser.
 
Contact Laurence Norah, the author of this article View a printer friendly version of this article Email this article to a friend RSS Feeds
Comment # 1 on 09 May 2005 at 21:12 by Anonymous
Wow, thanks for this, I have been using Ffox exclusively since I cannot stand IE and how long it takes to load up. IE also seems to run different stuff on my computer. Looking forward to the patch
Comment # 2 on 10 May 2005 at 13:49 by Anonymous
Cant be any worse than IE. Even with the holes.
Comment # 3 on 11 May 2005 at 13:55 by Anonymous
Hmm... I thought Firefox was immune to this stuff. Thats what was claimed when it was launched.
Comment # 4 on 11 May 2005 at 16:25 by Rich
All products are immune when launched, once they get out there people start finding things wrong.
Comment # 5 on 11 May 2005 at 19:24 by Loz
and it's got to be easier to find things that are wrong when the source code is publicly available.
Comment # 6 on 11 May 2005 at 23:49 by Anonymous
>and it's got to be easier to find things that are wrong when the source code is publicly available.< If the scumbags are looking harder, then bad things can happen.
Comment # 7 on 13 May 2005 at 08:00 by Anonymous
Mozilla issued an update - FireFox 1.0.4. Go to mozilla.org and get it, if you use earlier version.
Your Verification Number:

Please enter your Verification Number:

Related Articles:
Critical Firefox update released
Firefox security hole patched
Firefox update released by Mozilla
Firefox exceeds 25 million downloads
Security holes in Firefox and Thunderbird
 
Recent Articles In Security:
Are You happy To Pay Using Your Mobile?
Is Someone Piggybacking Your Wireless Connection?
DNA Breakthrough May Mean More Prosecutions
US ATM Crooks Target the UK
British Hacker loses appeal
 
Other Recent Articles:
Is Phorm under investigation by the Police?
Is the iPlayer the new Google of the media world?
Electronic Arts fuel giveaway back fires
New Microsoft Ad Gets Panned – But Did It Catch Your Attention?
Sony Forced To Recall 500,000 PCs
 

 © 2008 I.T. Vibe - All Rights Reserved - All Trademarks Recognised - Privacy Policy - Terms & Conditions