Two Holes Poke Firefox Veneer
Page 1 of 1
It seems Mozilla's Firefox, the undisputed darling of the alternative browser set, isn't immune after all to the slings and arrows suffered by other popular interfaces.
On Saturday the Greyhats Security Group punctured the browser's aura of invincibility after it released details of two flaws that allow a malicious site to execute arbitrary code.
Less than a week after the foundation trumpeted breaking the 50 million download mark, the browser is dealing with what has been called by Danish security firm Secunia its first "extremely critical" bug.
The Mozilla Foundation said there are currently no known active exploits of these vulnerabilities, although a "proof of concept" has been reported.
"Mozilla is aggressively working to provide a more comprehensive solution to these potential vulnerabilities and will provide that solution in a forthcoming security update," the foundation said on its Web site.
"We believe this means that users who have not added any additional sites to their software installation whitelist are no longer at risk," Mozilla Foundation said in a statement.