In association with heise online

08 February 2008, 13:09

New version of Firefox closes many security holes


On Thursday, Mozilla released version 2.0.0.12 of the Firefox browser, which closes a number of security holes. There are only eleven vulnerability reports, but some of them cover several flaws. The developers rate at least three of these as critical, including a bug that allows a manipulated web site to use designMode frames to read the browser history. The bug can also crash the browser, and the developers believe it could be exploited to inject code.

Vulnerability report 2008-03 lists a number of other critical errors that are said to allow JavaScript to be executed in Firefox with chrome privileges. The report also documents a vulnerability in the XMLDocument.load function that allows JavaScript to be injected into another frame. According to Advisory 2008-01, several bugs in the browser engine also caused it to crash; the developers suspect that an attacker could, with some effort, exploit some of these bugs to infect a PC with malicious code.

Thunderbird is also affected by this problem, but the vulnerabilities can probably only be exploited in conjunction with JavaScript, which is disabled by default in Thunderbird. Although the bug is supposed to have been eliminated in version 2.0.0.12 of the e-mail client, version 2.0.0.9 is still the one available for download on the official pages.

The recently discovered directory traversal hole has also been closed. Attackers could exploit it by means of manipulated chrome:// links in some HTML tags on web pages, but only against browsers with add-ons installed that are not packed as .jar archives but as "flat packages". The other errors are less critical or non-critical.
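As an added illustration of the "flat package" condition just mentioned (example code written for this page, not Mozilla's own tooling), the following Python scans a profile's extensions directory and reports add-ons whose chrome.manifest registers content, locale or skin providers from plain directories instead of jar: URIs. The two manifests embedded below are constructed samples, as is the directory layout assumed by scan_extensions.

```python
from pathlib import Path

# Constructed sample manifests (not taken from any real add-on).
# A "flat package" maps chrome providers straight to directories ...
FLAT_MANIFEST = """\
# sample flat-packaged add-on
content sampleext chrome/content/
locale sampleext en-US chrome/locale/en-US/
skin sampleext classic/1.0 chrome/skin/
overlay chrome://browser/content/browser.xul chrome://sampleext/content/overlay.xul
"""

# ... whereas a .jar-packaged add-on maps them to jar: URIs.
JAR_MANIFEST = """\
content sampleext jar:chrome/sampleext.jar!/content/
locale sampleext en-US jar:chrome/sampleext.jar!/locale/en-US/
skin sampleext classic/1.0 jar:chrome/sampleext.jar!/skin/
"""

# Provider lines whose mapping target sits at a fixed field index:
# content <pkg> <uri>, locale <pkg> <lang> <uri>, skin <pkg> <name> <uri>
_PROVIDER_URI_FIELD = {"content": 2, "locale": 3, "skin": 3}


def flat_providers(manifest_text):
    """Return (provider, package, uri) for every chrome provider in a
    chrome.manifest that points at a plain directory rather than a jar: URI."""
    flat = []
    for raw in manifest_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        fields = line.split()
        idx = _PROVIDER_URI_FIELD.get(fields[0])
        if idx is None or len(fields) <= idx:
            continue  # overlay/style/other lines, or malformed provider line
        uri = fields[idx]
        if not uri.lower().startswith("jar:"):
            flat.append((fields[0], fields[1], uri))
    return flat


def scan_extensions(extensions_dir):
    """Map add-on directory name -> flat providers, for every
    <extensions_dir>/<addon-id>/chrome.manifest found (assumed layout)."""
    report = {}
    for manifest in Path(extensions_dir).glob("*/chrome.manifest"):
        hits = flat_providers(manifest.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[manifest.parent.name] = hits
    return report
```

Add-ons listed by scan_extensions are the ones the article's condition applies to; repackaging them as .jar archives or updating the browser removes the exposure.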

SeaMonkey has also been updated, to version 1.1.8. Users of Firefox, Thunderbird and SeaMonkey can update their installations with the integrated update function. Users of most Linux distributions will have to wait for new packages from their distribution, because the automatic update is disabled in the applications themselves.

(mba)

Permalink: http://h-online.com/-734153