Firefox Gets a New Handle on Old Flaws


Mozilla has updated its Firefox Web browser with fixes that address more security issues than its previous two sets of releases combined.

The new Firefox 2.0.0.8 release tackles at least eight security issues and includes no fewer than three different variants of problems that Mozilla has tried to repair before.


Of the fixed security issues, Mozilla only tagged two as “critical.”


The Mozilla team discovered the first critical fix, called “Crashes with evidence of memory corruption,” when the browser crashed possibly enabling an attack vector for hackers.


The other critical fix addresses a JavaScript-related flaw that could have allowed
for a simple right-click of a context menu to enable a hacker to run
arbitrary JavaScript with user privileges.

Mozilla said it fixed a similar, less-critical issue in its 2.0.0.5 release, as well.

The update also addresses a variant of an issue previously fixed in an earlier Firefox release. That flaw, “File input focus stealing vulnerability,” is labeled as having potentially moderate impact. According to a Mozilla Foundation security advisory, “a file upload control could be filled programmatically by switching page focus to the label before a file upload form control for selected keyboard events.”

The vulnerability could potentially enable an attacker to steal a user’s files — assuming the attacker knows the full pathnames to the files, and can trick the user into typing the necessary characters.

Mozilla said it fixed a similar flaw in the 2.0.0.4 release.


Mozilla is also taking yet another shot at fixing a URI
handling problem that keeps popping up in different areas of the browser.
The issue revolves around how Firefox running on Windows calls on external
resources residing on the host operating system.


The first public reports around the issue surfaced in early July and were initially plugged in the Firefox 2.0.0.5 release. Mozilla then admitted that the flaw was not yet fixed properly.

Firefox 2.0.0.6 was yet another attempt to deal with issue, which again still left open some avenues for potential exploitation. The Firefox 2.0.0.7 release, which fixed only one security issue, dealt entirely with how
Apple QuickTime calls resources.


For 2.0.0.8, Mozilla is trying again to get the URI-handling issue.
In security advisory 2007-36, the open source group again
admits that the fix in Firefox 2.0.0.6 did not prevent the incorrect
file-handling programs from launching which left some risk.


“An additional fix has been applied to Firefox 2.0.0.8 that detects when
Windows would mishandle these URIs so that the wrong program does not get
launched,” Mozilla’s advisory states.


While Mozilla continues to provide security and bug fixes for its Firefox
2.x browser series, work is still under way for its next-generation Firefox
3 browser, which is expected to be ready in 2008. The Firefox 3 Alpha 8 release is the most recent milestone and includes new security measures
for securing browser extension updates.

News Around the Web