Mozilla fixes 'critical' flaws

Security vulnerabilities affect 1.5 versions of Firefox and Thunderbird as well as version 1 of the SeaMonkey application suite.

A correction was made to this story. Read below for details.

Mozilla has released updates for its Firefox browser, Thunderbird e-mail application and the SeaMonkey application suite to fix "critical" security vulnerabilities.

The vulnerabilities affect 1.5 versions of Firefox and Thunderbird as well as version 1 of the SeaMonkey suite, Mozilla said in its security advisories. The bugs do not affect Firefox 2.0, the latest version of the browser released late last month.

Security monitoring companies Secunia and the French Security Incident Response Team, or FrSIRT, deem the issues "highly critical" and "critical," respectively. People who use vulnerable versions of the Mozilla products are urged to upgrade to the fixed versions, both companies said.

Mozilla has fixed a number of bugs that could cause its products to crash or, in some cases, be exploited to hijack a PC, it said in an advisory. Other problems that have been repaired include a flaw that could be abused to run malicious JavaScript and a vulnerability that could let miscreants fake digital signatures, Mozilla said.

"The security vulnerabilities could be exploited by malicious people to bypass security restrictions, conduct cross-site scripting attacks and potentially compromise a vulnerable system," Secunia said in its alert.

Mozilla plans to support Firefox 1.5 until April 24, 2007, six months after it shipped Firefox 2. The security flaws are fixed in Firefox, Thunderbird and SeaMonkey 1.0.6. The previous Firefox security update was released in September.

Correction:Due to incorrect information supplied by Mozilla, this story stated the wrong end-of-support date for Firefox 1.5. Support will end on April 24, 2007.
Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Microsoft enters the laptop game with the hybrid Surface Book

This powerful 13.5-inch laptop include Nvidia graphics and a new hybrid hinge.

by Dan Ackman