Firefox 3.0.7 fixes vulnerabilities
Mozilla has released Firefox 3.0.7, fixing three critical security vulnerabilities in the open source web browser. The release fixes several memory safety hazards found in the PNG libraries which could be used by a malicious website to crash a user's browser and possibly execute arbitrary code. The upgraded libpng in version 3.0.7 fixes these flaws.
A vulnerability in Mozilla's garbage collection process, caused by improper memory management of a set of cloned XUL DOM elements which were linked as parent and child, has been fixed. The browser would crash after reloading a page with such linked elements, as it attempted to access an object that was already destroyed. An attacker could use this crash to run arbitrary code on the victim's computer.
The browser engine used in Firefox (and other Mozilla-based products such as Thunderbird and SeaMonkey) has been updated to fix several stability bugs that can cause crashes and memory corruption, possibly allowing arbitrary code to be run.
A high-risk vulnerability that allowed a website to use nsIRDFService and a cross-domain redirect to steal arbitrary XML data from another domain, in violation of the same-origin policy, has been fixed. This vulnerability could be used by a malicious website to steal private data from users authenticated to the redirected website.
Firefox 3.0.7 is available to download, or Firefox users can use the Firefox update service by selecting Help, then Check For Updates.
- Firefox 3.1 delayed, 3.0.7 beta released, a report from The H.