Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] Mozilla Firefox Tops Internet Explorer for Security

Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> On Sun, 01 Oct 2006 11:34:37 +0100, Roy Schestowitz wrote:
> 
>>| "Mozilla can turn around on a dime," Levy said. "Open-source programmers
>>| can recognize a problem and patch it in days or weeks."
> 
> Oh, that's such bullshit.  Let's look at the security vulnerabilities in
> firefox that were patched with 1.5.0.7 on September 14th.
> 
> https://bugzilla.mozilla.org/show_bug.cgi?id=346090
> 
> According to the CVE:
> 
> Heap-based buffer overflow in Mozilla Firefox before 1.5.0.7, Thunderbird
> before 1.5.0.7, and SeaMonkey before 1.0.5 allows remote attackers to cause
> a denial of service (crash) and possibly execute arbitrary code via a
> JavaScript regular expression with a "minimal quantifier." 
>

Wow, that sounds pretty serious.  And meaningful.  To the zero linux
users around here that run firefox as root.




-----yttrx


-- 
http://www.yttrx.net


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index