Firefox 3.5.7 Update Fixes 3 Critical Security Issues
The Mozilla Foundation has updated its Firefox browser to version 3.5.7. This update is meant to make the software a more stable platform as well as a safer platform. In this regard the recently released Firefox 3.5.7 update fixes several stability issues and several security issues. To be more precise, it fixes a total of 7 security issues – 3 of which have been given the rating of critical.
Just to put things in perspective, the critical rating means the vulnerability “can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.” Here is a more in-depth look at the 3 critical security issues that Firefox 3.5.7 addresses:
MFSA 2009-67
Affected software: Firefox, SeaMonkey
Description: A video's dimensions were being multiplied together and used in particular memory allocations. When the video dimensions were sufficiently large, the multiplication could overflow a 32-bit integer resulting in too small a memory buffer being allocated for the video. An attacker could use a specially crafted video to write data past the bounds of this buffer, causing a crash and potentially running arbitrary code on a victim's computer
Credit: Dan Kaminsky, David Keeler
MFSA 2009-66
Affected software: Firefox, SeaMonkey
Description: Several bugs in liboggplay which posed potential memory safety issues. The bugs could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer.
Credit: Mozilla community and developers
MFSA 2009-65
Affected software: Firefox, Thunderbird, SeaMonkey
Description: Several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Credit: Mozilla community and developers
If you would like to get Firefox 3.5.7, a download location is available here.
If you already have Firefox 3.5 installed on your machine, click Help -> Check for updates to manually update the browser.
Tags: Firefox, Mozilla, Update, Security
Just to put things in perspective, the critical rating means the vulnerability “can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.” Here is a more in-depth look at the 3 critical security issues that Firefox 3.5.7 addresses:
Advertising
MFSA 2009-67
Affected software: Firefox, SeaMonkey
Description: A video's dimensions were being multiplied together and used in particular memory allocations. When the video dimensions were sufficiently large, the multiplication could overflow a 32-bit integer resulting in too small a memory buffer being allocated for the video. An attacker could use a specially crafted video to write data past the bounds of this buffer, causing a crash and potentially running arbitrary code on a victim's computer
Credit: Dan Kaminsky, David Keeler
MFSA 2009-66
Affected software: Firefox, SeaMonkey
Description: Several bugs in liboggplay which posed potential memory safety issues. The bugs could potentially be used by an attacker to crash a victim's browser and execute arbitrary code on their computer.
Credit: Mozilla community and developers
MFSA 2009-65
Affected software: Firefox, Thunderbird, SeaMonkey
Description: Several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.
Credit: Mozilla community and developers
If you would like to get Firefox 3.5.7, a download location is available here.
If you already have Firefox 3.5 installed on your machine, click Help -> Check for updates to manually update the browser.
Tags: Firefox, Mozilla, Update, Security
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 28 May 2012
Mozilla introduced a new program meant to educate millions of people, the Mozilla Webmaker program.
By George Norman on 26 May 2012
Piriform updated its products, making CCleaner less annoying and Defraggler a lot faster.Related News
By George Norman on 27 Jan 2012
We all start the year with resolutions, such as “this year I’m going to more carefully watch what I eat”, or “this year I will try to be less stressed”. Most times we discard these resolutions just as easily as 
By George Norman on 23 Apr 2012
Even though the Mozilla Foundation has not officially released the final version of Firefox 12 to the masses, Firefox v. 12.0 final is already out there and available for download
By George Norman on 02 Feb 2012
Version 10.0 of the very popular Firefox web browser has been released to the web. This new version comes with a
By George Norman on 21 Dec 2011
Nonprofit organization Mozilla has updated its popular Firefox web browser to version 9.0. If you’re on Firefox and you did not receive an automated update prompt, you can manually trigger one from the Advertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Firefox 3.5.7 Update Fixes 3 Critical Security Issues
HTML Linking Code
HTML Linking Code