Firefox 3 suffers its first vulnerability

Zero Day Initiative reports that a vulnerability it deems critical was found five hours after the release of the new browser.

Less than one day after its launch, Firefox 3 has a vulnerability.

According to Tipping Point's Zero Day Initiative, the vulnerability, which it rates as critical, was reported within the first five hours of Firefox 3's release.

"Once the vulnerability was verified in TippingPoint's DVLabs and acquired from the researcher, the vulnerability was promptly reported to the Mozilla security team," said a representative.

Although the Zero Day Initiative team does not offer specifics until the vendor has a chance to patch it, the blog post did say this vulnerability, which also affects Firefox 2, requires user interaction and could result in an attacker executing arbitrary code.

Mozilla is reported to be working on a fix.

The Zero Day Initiative has been criticized in the past for paying researchers who find vulnerabilities.

Tags:
Security
About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    How well do you know your surge protector?

    Whether you're looking to add more outlets, or want to add a layer of protection between your gear and the outside world, here's what you need to know.