Firefox 3 suffers its first vulnerability

According to Tipping Point's Zero Day Initiative, the vulnerability, which it rates as critical, was reported within the first five hours of Firefox 3's release.
"Once the vulnerability was verified in TippingPoint's DVLabs and acquired from the researcher, the vulnerability was promptly reported to the Mozilla security team," said a representative.
Although the Zero Day Initiative team does not offer specifics until the vendor has a chance to patch it, the blog post did say this vulnerability, which also affects Firefox 2, requires user interaction and could result in an attacker executing arbitrary code.
Mozilla is reported to be working on a fix.
The Zero Day Initiative has been criticized in the past for paying researchers who find vulnerabilities.
- Topics:
-
Browsers and extensions,
-
Security
- Bookmark:
- Digg
- Del.icio.us



in the interview the *** mentioned that FF was the most secure browser and they've fixed 15000 issues ..yada yada yada..since this is the same security flaw that's exploitable in FF2, how come it wasn't addressed in the list of fixes?
shame on you!
It does not matter if the vulnerability was already there. If Firefox 3 is so much better, why didn't it get fixed.
How embarrassing.
(why do the Mac people trash Linux so badly when their OS is based on Linux...?' eh?)
(why do the Mac people trash Linux so badly when their OS is based on Linux...?' eh?)
FF or IE or whatever, there will be always a FLAW.
software is designed and written by human.
and human ain't perfect and that's the weak link.
one might claim otherwise.
there are people who enemy #1 to Microsoft but you have to thank Microsoft for what computer became today.
true that Microsoft might step on a foot here and there, low punch here and there, but think about it, which company at Microsoft position didn't play the same trick?
and this is true for other industry as well....including politicians.
considering that IE is the top guy, u know there are a lot of people who want to topple it.
yesterday was the first time i checked out FF.
downloaded it.
installed it.
play wth it for a couple hrs.
uninstall it on the same day!!!
FF can't even render the webpage correctly.
FF will always be like Linux.
fun to play with but if u want something productive, it will be always Microsoft.
though, i have to praise the folks at FF and others like Linux and MicroSystem.
without them, Microsoft wouldn't move their big ass to improve their product.
so, competition is good for the consumer.
long live the REVOLUTION!!!!
-
by james.grimes
June 19, 2008 7:13 AM PDT
- pjhenry1216, I agree. There is just too much of a coincidence there. It seems very fishy.
-
Reply to this comment
-
-
See all 42 Comments >>Kwasiowusu, use a spell checker. And yes, they even have them available for those whom would rather use closed-source Internet Exploder (sorry, I meant Explorer)