Slashdot Mirror

← Back to Stories (view on slashdot.org)

Firefox 3.0.1 Fixes 'Carpet Bombing' Issue

Posted by CmdrTaco on from the break-out-the-bug-spray dept.

An anonymous reader writes "Firefox 3.0.1 was released today. It fixes 3 security vulnerabilities, including a critical issue reported by Billy Rios, Ben Turner, and Dan Veditz. The issue could be combined with an issue in Apple's Safari browser to read data from the user's disk or to execute arbitrary code. This issue was previously discussed on Slashdot. The release also fixes a remote code execution bug involving the CSS reference counter, reported by the Zero-Day Initiative (previously discussed on Slashdot here), as well as a Mac-only potential code execution bug involving GIF image rendering, reported by Drew Yao of Apple Product Security."

2 of 168 comments (clear)

  1. Re:And this is why... by E+IS+mC(Square) · · Score: 3, Insightful

    Chances are that the reason is not that it's bug-free, but that it's still buggy.

    Chances are that you are not a developer.
    "He who is without a sin throw the first stone."

  2. Re:"awesome bar" by ShadowRangerRIT · · Score: 3, Insightful
    1. Type 'co' in the Awesome bar. Marvel at how it "awesomely" returns every site in the .com TLD.
    2. If you are the type who remembers the URL of sites you visit, it just means a bunch of false positives.

    I've used it once to date, when going back to a walkthrough page on gamefaqs. 99% of the time, I know the address I'm going to, or I have it bookmarked, so the "awesomeness" is wasted on me.

    --
    $_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print