'Highly critical' flaw reported for Netscape software

Security specialist Secunia says some versions of the browser are vulnerable and that the solution is to "use another product."

Richard Shim Staff Writer, CNET News.com

Richard Shim

writes about gadgets big and small.

See full bio

Richard Shim

April 27, 2005 12:08 p.m. PT

An unpatched flaw in some versions of the Netscape browser could let an attacker into vulnerable systems, security company Secunia has warned.

The vulnerability is "highly critical," according to an advisory released by the Danish company late Tuesday. Version 6.2.3 and 7.2 of Netscape are affected and other versions may also be susceptible, the company said.

The flaw could allow a hacker to launch a buffer overflow attack, which could crash the browser or enable the attacker to execute code on the compromised system. A patch has not been created, according to Secunia.

A Netscape representative recommended on Wednesday that people upgrade to version 8.0 of the software, which is based on Firefox code and should not be affected by the flaw.

Secunia's advice for dealing with the issue is to "use another product."