Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Mozilla has issued an updated version of its Firefox web browser to fix several vulnerabilities. Firefox 3.5.6 closes a number of “critical” flaws, which could allow an attacker to crash a victim's browser or run arbitrary code on an affected computer. This is the first time Firefox has been updated for security since late October. Of the seven security bulletins released by Mozilla as part of the update, one listed as critical addresses several stability bugs in the browser engine used in Firefox that could cause a crash.“Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort, at least some of these could be exploited to run arbitrary code,” Mozilla said in its bulletin. The two other critical bulletins address bugs in the browsers “libtheora” video library and “liboggplay” media library. An integer overflow vulnerability in the video library could be exploited by an attacker who uses a specially crafted video to cause a crash, run arbitrary code or initiate a denial-of-service attack. Several bugs in the liboggplay media library caused memory safety issues. The update also closes one vulnerability rated “high” in severity, three rated "moderate", and one rated "low." Mozilla has also released an update for Firefox 3.0, which address all the vulnerabilities in version 3.5 except those in the media or video library, because audio and video capabilities were not added until the latest iteration of the browser. Mozilla plans to only provide security and stability updates for version 3.0 until next month, so users are encouraged to update to Firefox 3.5. Users can download the update for 3.5 here and version 3.0 here. See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.