Mozilla patches Firefox and Thunderbird
|
|
The first update to Firefox 4.0, version 4.0.1, addresses a total of three vulnerabilities, two of which are rated as critical. The browser's WebGLES feature contains bugs that could lead to crashes, potentially resulting in the execution of malicious code. The Windows version of Firefox was also found to have been compiled without ASLR which could allow an attacker to bypass ASLR's protection against malicious code if a memory corruption flaw was found. Several critical memory safety bugs have in the browser engine used by Firefox have also been corrected. These bugs reportedly contained evidence of memory corruption under certain circumstances. The developers presume that, with enough effort, some of them could be exploited to run arbitrary code.
|
|
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
