Firefox gets security tune-up

Flaws patched for versions 2 and 3
Shaun Nichols in San Francisco, vnunet.com 18 Jul 2008

Mozilla has issued 'critical' updates for its Firefox 2 and Firefox 3 web browsers.

The updates address vulnerabilities in both versions of the browser, along with compatibility and stability fixes.

Firefox 3 received three fixes, each addressing flaws rated as 'critical' by Mozilla. Each could be targeted by an attacker to perform remote code execution on the user's system.

The first of the patches affects only Mac OS X users. The vulnerability could allow an attack launched from a malformed GIF file.

A specially crafted image could be used to cause an application crash which would then leave the system vulnerable to remote code execution.

The second patch addresses an issue related to the handling of Uniform Resource Identifier (URI) code which allows external applications to access the browser.

Security researcher Billy Rios found that adding certain symbols to a URI could allow an attacker to bypass Firefox security and launch further assaults on the browser, such as the Safari 'carpet bomb' attacks reported last month.

The third fix addresses the way Firefox handles Cascading Style Sheet (CSS) code. An attacker could use a specially-crafted CSS object to cause an application crash which would then allow remote code execution.

The older Firefox 2 version of the browser was also found to be vulnerable to the CSS and URI attacks, although a patch for the OS X GIF vulnerability was not deemed necessary.

Users can download both of the updates from the Mozilla Foundation Security Advisories website.

The US Computer Emergency Response Team and security group Sans Institute recommend that Firefox 2 users consider upgrading to the new version of the browser, as support is set to end later this year.