VTLGlobal an offshore web design and project development company

home   about us - services - resellers - careers - contact us
  Questions? Call 866.925.7563
 
VTL-offshore development news

 
» Home » News/Press releases  

Mozilla downplays risk from unpatched flaw

 

July 20, 2009

There are conflicting reports as to whether a flaw in a new version of Firefox is exploitable or not.

Firefox 3.5.1, published only last week in rapid response to an unpatched vulnerability discovered days earlier, is itself vulnerable to a bug involving the handling of very long Unicode strings.

Reports by security researchers at the Internet Storm Centre (here) and elsewhere suggest the flaw might lend itself to code injection. Worse still, proof of exploit code has been published; a development that normally reduces the odds on whether hacking attacks might follow.

However, Mozilla published an advisory on Sunday stating the unpatched flaw only poses a minimal cross-platform browser crash risk.

"While these strings can result in crashes of some versions of Firefox, the reports by press and various security agencies have incorrectly indicated that this is an exploitable bug," Mozilla said. "Our analysis indicates that it is not, and we have seen no example of exploitability."

    Archive
    July 2009
     
    June 2009
    May 2009
    April 2009
    March 2009
    February 2009
    January 2009
    December 2008
    November 2008
    October 2008
     
     
 

Custom software development | Software outsourcing to India | Offshore employee leasing | Custom web development | Custom web site designing | Web marketing
SEO | Employee leasing options | Remote staffing options | Customer support | Privacy policy | FAQs | Contact us | Sitemap
Demo | Vtlglobal-Partners | Resources | Link Exchange | Links | Link2.....