Mozilla Firefox Update Repairs Critical Memory Flaws
Altogether, three of the five security updates bundled in Firefox version 3.0.7 were deemed critical, indicating that attackers could exploit the security holes remotely without any intervention from the user beyond normal browsing.
One critical patch fixed several stability bugs, some of which showed evidence of memory corruption in the browser engine used in Firefox as well as other Mozilla products. The memory issues could leave the user's system vulnerable for exploitation by attackers running arbitrary code. To protect themselves from an exploit, users are advised to avoid running JavaScript in mail until they patch the error.
The Firefox update also addressed several more memory safety hazards in PNG libraries used by Mozilla. In a successful exploit, attackers could crash victims' browsers and potentially launch malware on their computers after they viewed a malicious Web site, generally through some social engineering scheme.
In addition, Mozilla also patched a vulnerability in its "garbage" collection process caused by issues related to improper memory management. The error allowed the browser to crash when attempting to access an object that was already destroyed after reloading on a page with certain linked elements.
Mozilla addressed a slightly less severe "high risk" flaw that could allow an attacker to redirect victims to a malicious Web site in order to steal arbitrary XML data from another domain. Hackers operating the malicious Web site could use the vulnerability to steal sensitive or financial information from users visiting the original redirected Web site.
Also included in Mozilla's patch bundle were fixes for a lesser "low risk" vulnerability involving invisible control characters displayed in the location bar, resulting in fewer visible characters than were actually present. An attacker could use this error to spoof the location bar and display a misleading URL redirecting victims to a malicious Web page.
Flaws in Mozilla's e-mail client Thunderbird and SeaMonkey application suite also were repaired with the Firefox update. Thunderbird is upgraded to 2.0.0.21 while SeaMonkey is updated to 1.1.1.5.