Threat Center Security News Mozilla issues patch for Firefox vulnerability
Mozilla issues patch for Firefox vulnerability Print E-mail
Written by Rebecca Mints   
Thursday, 05 March 2009 23:36

The web-browsing software Firefox from Mozilla is now free from holes as its makers issued security advisory 2009-10 Tuesday to patch several memory safety hazards.

Glenn Randers-Pehrson of Mozilla reported last week several flaws he found in the libpng file which can cause arbitrary code execution and crash the browser altogether. Pehrson reported that the memory safety hazards in Portable Network Graphics (PNG) libraries in Mozilla to render images could be used by a malicious website and execute arbitrary codes.

“The libpng was upgraded to a version which contained fixes for these flaws,” said Mozilla in its advisory.

Also on Tuesday, makers of another browsing application Opera released a new version of the browser to close security issues.

An advisory posted on its website stated that version 9.64 closes three major security issues in Opera and incorporated value-added features to protect it from threats. The issues include a vulnerability that allows a hoax JPEG file to be used to execute code.

Opera 9.64 is now packed with Data Execution Protection (DEP) and Address Space Layout Randomization (ASLR) that runs on Windows.

 

WTW Threat Level