Articles in “Vulnerabilities”

Secunia Advisory SA38608

Mozilla is aware of the claim of a zero-day in Firefox as posted here: http://secunia.com/advisories/38608/.  We cannot confirm the report as we have received no details regarding the reported vulnerability, … Read more

Security Issues With Two Experimental Add-Ons

Important Note: One of the malware results has been verified to be a false positive.  Further details are available here: http://blog.mozilla.org/addons/2010/02/09/update-on-the-amo-security-issue/ Original blog entry follows below. Two add-ons in the … Read more

URL bar spoofing vulnerability

Issue The URL in the address bar can be spoofed when a new window or tab is opened by a malicious web page. Impact to users If a user visits … Read more

The Importance of Good Metrics

There has been some interest in the last few days about a recent report from a company called Bit9 about application vulnerabilities. While we’re always happy to see stories that … Read more

Low Risk Denial of Service in Firefox

Issue A null pointer dereference in the content layout component of Firefox allows an attacker to crash the browser when a user navigates to a malicious page. Impact If a … Read more

New Security Issue Under Investigation

TippingPoint ZDI notified Mozilla of a vulnerability in Firefox that impacts versions 2.x and 3.0.  This issue is currently under investigation.  To protect our users, the details of the issue … Read more