Mozilla already working on a Firefox 3 security fix
Posted by Percy Cabello on June 19th, 2008 • Tags:
ShareThis

The same day Firefox 3 was shipping, Tipping Point, a research organization for vulnerability analysis and discovery,  released an upcoming advisory (ZDI-CAN-349) about a new security vulnerability that could allow an attacker to execute arbitrary code, affecting Firefox 2 and 3 in their Zero Day Initiative site.

Following their own policies, Tipping Point has not disclosed any details about the vulnerability besides it would require user interaction, while Mozilla works on a patch. Mozilla Security reports that there is no known public exploit for this bug at this time.

Once the patch gets landed it will most likely be distributed via Mozilla Update Service as Firefox 3.0.1. Plans for 3.0.1 already include a few dozen stability and performance bug fixes but I wouldn’t be surprised if Mozilla rushes a security update ahead of the usual 4-6 weeks cycle, if it deems the bug severe enough.

Comments
Vygantas said on June 20, 2008, 3:37 am:

I thought they said 10 fucking days?

Is Firefox 3.01 Coming Soon? : The Alligator Pit said on June 20, 2008, 3:42 pm:

[...] new off the shelf and it already needs repairing. Welcome to the big time, Firefox. The same day Firefox 3 was shipping, Tipping Point, a research organization for vulnerability [...]

Descubierta una vulnerabilidad en Firefox 3 | RFD Internet said on June 20, 2008, 3:46 pm:

[...] 3, y que se activa al entrar en una página con código malicioso y hacer clic en un enlace. Mozilla reconoce el problema y lanzará próximamente un parche para [...]

A 3 días del lanzamiento de Firefox 3.0 ya le encuentran la primer vulnerabilidad | GeeksRoom said on June 20, 2008, 4:03 pm:

[...] reconoció el problema y dicen que el parche para subsanar el problemas será lanzado muy pronto con el [...]

steveballmer said on June 21, 2008, 12:22 am:

This piece of cr@p is like swiss cheese! Avoid it!

Frexo.Net » Blog Archive » Firefox 3 vulnerability, 8 million people affected! said on June 21, 2008, 10:01 am:

[...] “High” and it effects both version 2 and 3 of the popular internet browser. Mozilla has acknowledged the security issue and should have a patch issued in its 3.0.1 release [...]

@zzhole said on June 21, 2008, 11:21 pm:

you are dumb

Firefox 3.0.1 update available now - Mozilla Links said on July 16, 2008, 11:03 pm:

[...] update includes fixes for three critical vulnerabilities including the one reported through TippingPoint’s Zero Day Initiative program, the same day Firefox 3 was [...]

25 useful Firefox extension for the masses said on August 7, 2008, 4:57 am:

[...] about browser, Firefox name always comes up. What make it so special? We are not talking about the security or any other thing. We are talking about extensions. Firefox has the ability to be customized with [...]

tilly said on August 22, 2009, 9:35 am:

ever since i have downloaded mozilla n browse my mail n when i log out the dailog appears saying that my somebody else has signed in for my mail as this is been only my private id n i even changed my password after that but the dailog appeared with in five seconds n i was demanded to resign in…Plz fix this problem