Home

Firefox Patch; Two Authentication Vulnerabilities

Submitted by CodeJustin on Tue, 2009/08/04 - 11:54am
  • Delicious
  • Digg
  • StumbleUpon
  • Reddit
  • Technorati
Tags:

We Recommend These Resources

Stop Malware In Its Tracks: Code-Signing Certificates

Extended Validation SSL Certificates

Six Steps to Signing your Java Code

Server-Gated Cryptography

Code Signing for Adobe AIR Applications

Mozilla on Monday released two new versions of Firefox, 3.5.2 and 3.0.13 in order to patch two critical security issues.  The first vulnerability could let an attacker run arbitrary code on a person's computer by sending specially crafted authentication information called certificate and the second vulnerability involves a flaw in certificate authentication technology that could potentially let an attacker gain access to encrypted information or issue a bogus update to Firefox.

The only advice Mozilla gave to users was "We strongly recommend that all Firefox users upgrade to this latest release".  It should also be noted that Mozilla has patched the vulnerabilities.

0

My name is Justin and you can check out my Programming Blog at: CodeJustin.com - Justin is a DZone Zone Leader and has posted 67 posts at DZone.

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)