In its largest vulnerability fix since 2006, Mozilla’s new Firefox 2.0.0.12 release addresses a slew of problems ranging from information leakage to cross-site scripting (XSS).
Mozilla issued 10 security advisories alongside the new Firefox release, the largest number of publicly acknowledged vulnerability advisories for a Firefox release since the 2.x browser first debuted.
The previous Firefox release — version 2.0.0.11 — only fixed a single issue.
Though the total advisory count is high, Mozilla only identified three of the ten vulnerabilities in 2.0.0.12 as being critical. The group classifies vulnerabilities as critical, high, moderate or low based on the ease of executing the exploit as well as the impact that the vulnerability has on the browser.
Among the critical items is a fix for what Mozilla’s Security Advisory 2008-01 calls “Crashes with evidence of memory corruption.” The advisory provides few specifics on the crashes themselves, other than to note that they could lead to exploitation.
Privilege escalation, XSS and remote code execution are the subject of Security Advisory 2008-03. According to Mozilla, the vulnerability could allow an attacker to use the XMLDocument.load() function to inject an arbitrary script, which could lead to exploitation.
The last critical issue addressed in Firefox 2.0.0.12 is a Web browsing history and forward navigation-stealing vulnerability. Mozilla’s advisory explained that the way Firefox handles images after a user exits a page could have enabled an attacker to crash a browser and possibly steal a user’s navigation information.
Another vulnerability addressed by the Firefox update is Security Advisory 2008-05, which fixed a flaw allowing directory traversal via chrome, the browser’s rendering interface. Mozilla classified the vulnerability as a high-severity issue.
According to Mozilla’s advisory, an attacker could have used directory traversal to load JavaScript, images and stylesheets from local files in known locations. The attack would only work if targeted against specific Mozilla add-ons that used a flat package format, however, as opposed to the more common .jar packaging.
Firefox 2.0.0.12 also fixed three vulnerabilities labeled as “moderate” severity by Mozilla. They include fixes for multiple file input focus-stealing vulnerabilities, stored password corruption and file action dialog tampering.
While Mozilla developers continue to update the Firefox 2.x series for security issues and bug fixes, work continues on Firefox’s next generation as well.
Firefox 3 Beta 3 is set for launch on Feb. 11, with a fourth and final Beta scheduled for Feb. 26. The previous Firefox 3 milestone, Beta 2, emerged in mid-December.