Firefox users would do better to update to version 2.0.0.13, as several new vulnerabilities have been uncovered and could lead to significant damange and the complementary head aches.
There are 8 such flaw which, according to Secunia. Could lead to the users' systems being compromised. Hackers could bypass certain security restrictions and get hold of various information or just launch cross-site scripting and phishing attacks.
The complete list of vulnerabilities is avaialble down below:
- An unspecified error in the handling of "XPCNativeWrappers" can lead to the execution of arbitrary Javascript code with the user's privileges via "setTimeout()" calls. - Various errors in the handling of Javascript code can be exploited to conduct cross-site scripting attacks or execute arbitrary code. - Various errors in the layout engine can be exploited to cause a memory corruption. - Various errors in the Javascript engine can be exploited to cause a memory corruption. Successful exploitation of these vulnerabilities may allow execution of arbitrary code. - An error within the handling of HTTP "Referer:" headers sent with requests to URLs containing Basic Authentication credentials having an empty username can be exploited to bypass cross-site request forgery protections. - The problem is that Firefox offers a previously configured private SSL certificate when establishing connections to webservers requesting SSL Client Authentication. This can potentially be exploited to disclose sensitive information via a malicious webserver. - An error in the handling of the "jar:" protocol can be exploited to establish connections to arbitrary ports on the local machine. - An error when displaying XUL pop-up windows can be exploited to hide the window's borders and facilitate phishing attacks.
Add to Favorites
Set Home Page
