Firefox 2.0.0.16 fixes two security vulnerabilities

SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Firefox 2.0.0.16 fixes two security vulnerabilities
The Mozilla Foundation has just released Firefox 2.0.0.16 which fixes two critical security vulnerabilities: MFSA 2008-35 (CVE-2008-2933) Command-line URLs launch multiple tabs when Firefox not running MFSA 2008-34 (CVE-2008-2785) Remote code execution by overflowing CSS reference counter It should be noted that the second vulnerability would also affect users that run Thunderbird with Javascript enabled for e-mail reading. Needless to say this is a no-no. We recommend users to upgrade their Firefox installation. Firefox 2.x will still be supported only until mid-December, so investigating and planning an upgrade path to Firefox 3 is advised.	Maarten 158 Posts Jul 16th 2008
Thread locked Subscribe	Jul 16th 2008 1 decade ago