Wednesday, 28 November 2007 02:51

Firefox 2.0.0.10 patches high-impact security flaws

By
The latest release of the popular Firefox open source web browser fixes a trio of security flaws described by Mozilla as being of high impact.

The delivery of the update follows a 'test day' last Friday that was intended to shake out any issues that remained in the release candidate.

Firefox 2.0.0.10 restricts the jar: URI scheme to files delivered with a MIME type of application/java-archive or application/x-jar to avoid trusting non-Java content that could be used in cross-site scripting attacks. The flaw had been exploited to steal Gmail contact lists.

Another specific issue corrected by the update blocks a way of carrying out cross-site request forgery attack on sites by generating a fake HTTP Referrer header.

Also patched are three bugs that had been shown to cause memory corruption in some circumstances and that could potentially be exploited to execute arbitrary code.

No other changes were made to the application.

The update is being pushed out to Firefox users, or the new version can be downloaded from Mozilla.com.


Subscribe to Newsletter here

WEBINAR 12 AUGUST - Why is Cyber Security PR different?

This webinar is an introduction for cyber security companies and communication professionals on the nuances of cyber security public relations in the Asia Pacific.

Join Code Red Security PR Network for a virtual conversation with leading cyber security and ICT journalists, Victor Ng and Stuart Corner, on PR best practices and key success factors for effective communication in the Asian Pacific cyber security market.

You will also hear a success story testimonial from Claroty and what Code Red Security PR has achieved for the brand.

Please register here by 11 August 2020 and a confirmation email, along with instructions on how to join the webinar will be sent to you after registration.

Aug 12, 2020 01:00 PM in Canberra, Melbourne, Sydney. We look forward to seeing you there!

REGISTER NOW!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.

BACK TO HOME PAGE

WEBINARS ONLINE & DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research & Case Studies

Channel News

Comments