Firefox Fixes JavaScript Flaws

JavaScript is the source of great power within the
Mozilla Firefox browser. Unfortunately it may well also be the
trigger for many of its flaws.

Firefox out today is the latest release of the open source browser
and patches no fewer than seven critical flaws, with some form of JavaScript
issue being at the heart of most of them.

Mozilla Foundation Security Advisory 2006-44, entitled “Code execution through deleted frame reference,” outlines one such highly critical JavaScript-related flaw.

In certain circumstances, according to the advisory, a JavaScript reference to a frame or window is not properly cleared when the referenced content went away.

The pointer to the deleted object could potentially be used to execute arbitrary code.

Security Advisory
2006-45, entitled ” Javascript navigator Object Vulnerability,” is another critical JavaScript-related flaw, which,
if exploited, could allow an attacker to run arbitrary code.

Security Advisory 2006-50 addresses JavaScript engine vulnerabilities.

Called “JavaScript engine vulnerabilities,” the fix covers up additional places where an untimely garbage collection could delete a temporary object that was in active use. Some of these may allow an attacker to run arbitrary code given the right conditions.

At least one of the JavaScript-related flaws reported as part of the Firefox release has its discovery credited to security researcher H.D Moore.

The critical Mozilla Foundation Security Advisory 2006-48, titled “JavaScript new Function race condition,” addresses a vulnerability that could potentially result in
arbitrary code execution.

Moore is the co-author of the Metasploit Framework and is publishing one browser flaw a day every day in July as
part of his Month of Browser Bugs effort.

Even some of the security advisories that don’t have the term “JavaScript”
in the title appear to be related to JavaScript in some way.

The critical
Mozilla Foundation Security Advisory 2006-46, titled “Memory corruption
with simultaneous events,” is a case in point.

Though that particular
advisory does not explicitly mention JavaScript in its description of the
flaw, JavaScript is part of the solution for the flaw. The workaround,
according to the Mozilla advisory, suggests that users Disable JavaScript until they can upgrade to a fixed version.

The release is the fifth Firefox point release from Mozilla this

It released the Firefox update at the beginning of June and corrected five critical

Mozilla’s next-generation 2.0 release is now in Beta 1, and
is expected to go to full release in September.

News Around the Web