• On GameSpot: Wii Fit tells 10-year-old she's fat

September 15, 2004 3:23 PM PDT

Latest Mozilla releases fix 10 security flaws

The latest releases of the Mozilla and Firefox browsers, along with the Thunderbird e-mail software, fix 10 security issues, including three critical vulnerabilities, according to the Mozilla Foundation, which develops the software.

The three critical flaws could let an attacker run code on the victim's computer, according to information published by the Mozilla Foundation on Tuesday. The vulnerabilities are caused by the improper handling of electronic business cards, known as vCards; overly large images in the bit map (BMP) format; and links that have host names using nonprintable characters.

The issues are fixed in the latest versions of the Mozilla Foundation's open-source software products: Mozilla 1.7.3, Firefox release candidate 1.0 and Thunderbird 0.8.

Security information provider Secunia gave the set of 10 holes a "highly critical" rating, its second-highest grade for Internet threats.

The plethora of new security issues comes a month after the Mozilla Foundation started offering money to researchers who found verifiable security problems in the browser. On Tuesday, the open-source group released its latest version of its software packages.

The Firefox browser in particular has benefited from the perception that its rival, Microsoft's Internet Explorer, suffers from security problems. A flaw revealed yesterday by Microsoft could put users of Internet Explorer at risk of having their PCs compromised by malicious Web sites.

See more CNET content tagged:
Mozilla Corp., Mozilla Thunderbird, Firefox, vulnerability, open-source software

Add a Comment (Log in or register) 3 comments
Patch Score: FireFox 10......Microsoft god only knows.
by Jonathan September 16, 2004 6:20 AM PDT
OK so obviously it more then ten since the first release of Phoenix but in this game I think MS is scoring more holes then Mozilla by a long shot. I mean for the love of god I do not believe there has been a single month in the last few years where MS hasn't release some form of security patch for IE.

So when FireFox starts getting monthly security patches that fix 10 problems at a time then we can compare it to Internet Exploder. As it stands this is nothing more then another smear tactic MS is pulling out of its bag of tricks. news.com = Fox News = Propaganda machine that masquerades as a legit news site. Fair and balanced my ***.

Oh and one other note. This is BETA software. Beta. Yah know. Software that isn't ready for mass release. Comparing FireFox to IE is like comparing Beta Windows XP software to Windows 2000 w/ SP2: A BS comparison. Mozilla may be pushing it as release software but in reality it's going to be a while before its ready for prime time.
Reply to this comment
ONLY 3 are critical NOT 10
by rembspam September 16, 2004 6:58 AM PDT
The Ssecunia webpage makes no differentation in their main page. But when studying the details of each there are only 3 REAL problems instead of 10.

The Mozzila webpage tells indeed 3 are very critical.

There will be more to come and I'm not suprised by that. But is always better than using ActiveX controls because they are security holes by default due to their design. This is why SP2 disables them!!!! MS endorsed us to develop for the IE using ActiveX controls, now they shut it down and say hey, you can use it but only on a trusted site. And as you and I know...... there are just a few trusted sites we use normaly since the unknown is always non-trusted.

But they use ActiveX on so many pages...... and now I can't browse without annoying messages of the IE since I disabled ActiveX.

pfffffhhhhh thanks a lot Microsoft. I stick with Firefox.

BTW: MS encountred 52 IE patches within 1 year!!!!! That is ONCE A WEEK!!!

Since Mozzile that started 3 years ago. We have 10 from which 3 are very seriously. What a BIG difference!!!
Reply to this comment View reply
Powered by Jive Software

Latest tech news headlines

Resource center from News.com sponsors
You Need The Speed of Norton 2009
Introducing Norton Internet Security™2009

Click Here!
With one-click, one-minute install, under 8MB of memory usage and fewer, shorter scans, it's the fastest security suite anywhere. Norton. Smart Security, Engineered for Speed. Get a FREE trial today!

Click Here!
The Fastest Security Suite Anywhere

Experience the revolutionary Norton Internet Security™ 2009. With Norton™ Insight, a new feature, you get precision security that targets only at risk files for fewer, faster, shorter scans

Win a Trip to Space!*

Enter the Blast Off with Norton Sweepstakes for your shot at a trip to space. You could experience being fast and weightless, just like the new Norton 2009. *No purchase necessary; click for full details.

FREE Trial!

Act now to get your FREE trial of Norton Internet Security 2009. Try it for the protection. Love it for the speed

Norton Safe Web NEW!

A community-based system that rates web site safety

Norton Labs NEW!

Users can download new security technologies and share input directly with developers. Help us shape our future products!

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement

Inside CNET News

Scroll Left Scroll Right