In association with heise online

17 December 2008, 08:14

Firefox 3.0.5 fixes three critical vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Firefox 3.0.5 has been released, fixing three critical vulnerabilities in the open source browser. The three critical vulnerabilities are related to XSS vulnerabilities in SessionStore, – XSS and JavaScript privilege escalation and crashes with evidence of memory corruption.

The last two of those critical vulnerabilities are listed as also affecting the Thunderbird mail client, with Mozilla noting them as fixed in, the as yet unavailable, Thunderbird Mozilla define critical as "Vulnerability can be used to run attacker code and install software, requiring no user interaction beyond normal browsing". Full details of these, and another five lower priority issues, are available on the Security Advisories for Firefox 3.0 page.

Firefox 3.0.5 is available to download or Firefox users can use the Firefox update service by selecting Help, then Check For Updates.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit