Firefox Update Tackles Pair of Critical Bugs
Mozilla plugs holes while the march continues toward Firefox 3.
While Mozilla is busily developing its next-generation Firefox 3 open source Web browser, work continues to improve stability and security with the current Firefox 2.x.
A case in point is the new Firefox 220.127.116.11 release, which is accompanied by no less than six Mozilla Foundation Security Advisories -- two of them critical.
By running with elevated privileges, the script could potentially have been used by an attacker to exploit a vulnerable system.
The second critical bug fix by Mozilla in the latest release relates to memory corruption.
"Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products," Mozilla said in its advisory. "Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code."
The new release also addresses a unique spoofing vulnerability that could potentially be used by an attacker in a phishing exploit.
The flaw -- which Mozilla rated a "High" severity issue -- makes use of XML User Interface Language (XUL), the group's language for creating the browser user interface. The issue potentially enables an attacker to launch a borderless pop-up in front of a user's active browsing session.
According to Mozilla's advisory, which labels the problem as "XUL pop-up spoofing variant (cross-tab pop-ups)", the technique could be used to spoof a login prompt for a site opened in a different tab -- allowing the attacker to steal the user's login credentials for that site.
Mozilla also patched a second spoofing issue in Firefox 18.104.22.168.
The flaw, originally reported by security research rsnake on the sla.ckers.org site in January, hinges on spoofing HTTP Referrers -- HTTP elements that provide information on the Web location where a user originated before visiting a particular site or page.
The vulnerability affects referrers that include authentication credentials but lack user names. Those bad referrers could potentially be used for a Cross-Site Request Forgery (CSRF) attack.
Although the magnitude of the 22.214.171.124 update is somewhat less than in previous updates -- representing a decrease from the 10 fixes in February's 126.96.36.199 release -- the update continues efforts by Mozilla to lock down the current, stable Firefox 2.x release.
While one Mozilla team works to plug holes in Firefox 2.x, resources are also being poured into its next-generation Firefox 3 browser. Currently at its Beta 4 release a fifth Beta is expected by early next week.
Security News Solutions