Mozilla Firefox 1.0.7 Release Fixes 2 Major Vulnerabilities | Linux

Search

Linux Authors: Gilad Parann-Nissany, RealWire News Distribution, Colin Walker, Lori MacVittie, Unitiv Blog

Related Topics: Virtualization

Virtualization: Article

Mozilla Firefox 1.0.7 Release Fixes 2 Major Vulnerabilities

To Avoid Security Problems, Download Firefox 1.0.7 Right Away

By Security News Desk	Article Rating:
September 22, 2005 01:30 PM EDT	Reads:	15,609

Related
Print
Email
Feedback
Add This
Blog This

Mozilla Firefox 1.0.7 was released yesterday and is now available for download. Fixes are included for the international domain name (IDN) link buffer overflow vulnerability and the Linux command line URL parsing flaw.

There are also other security and stability changes, says the Mozilla Foundation, including a fix for a crash experienced when using certain Proxy Auto-Config scripts. In addition, some regressions introduced by previous 1.0.x security updates have been resolved.

Firefox 1.0.7 can be downloaded from the Firefox product page or from here.

CIO, CTO & Developer Resources

An equivalent update to the Mozilla Application Suite, Mozilla 1.7.12, is expected shortly.

The Linux command line URL parsing flaw could allow an attacker to execute arbitrary commands on a victim's system. The bug exists in the Linux shell scripts that Firefox and the Mozilla Application Suite rely on to parse URLs supplied on the command line or by external programs. If the supplied URL contains any Linux commands enclosed in backticks, these will be executed before Firefox or the Mozilla Application Suite tries to open the URL. Variables such as $HOME will also be expanded.

Published September 22, 2005 – Reads 15,609
Copyright © 2005 SYS-CON Media, Inc. — All Rights Reserved.
Syndicated stories and blog feeds, all rights reserved by the author.

Related
Print
Email
Feedback
Add This
Blog This

More Stories By Security News Desk

SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

Comments (0)

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

Comments

Drool, Britannia? Is the UK Failing the Cloud?

By Roger Strukhoff

Richard Davies wrote: The UK has a good crop of technology pioneers in cloud computing - for example ElasticHosts, FlexiScale, Flexiant, OnApp - and also some strong government initiatives such as G-Cloud. We will have to see whether this kind of technical leadership converts into swift mass-market adoption or not.

Jan. 8, 2012 11:38 AM EST

read more & respond »

Cloud Expo & Virtualization 2011 West

Keynotes

Opening Keynote | An Enterprise Cloud for Business-Critical Applications

Day 2 Keynote | The Enterprise Cloud Tightrope - Balancing for Success

Day 3 Keynote | The DNA of an Enterprise Cloud

DIAMOND SPONSOR:

Many Clouds, Many Choices'Cloud

PLATINUM PLUS SPONSORS:

Enterprise Cloud Best Practices - Town Hall - Join the discussion…

PLATINUM SPONSORS:

Progressing Toward the Federated, Automated and Client-Aware Cloud

How to build an app with Twitter-like throughput

Computing in the Cloud Era

GOLD SPONSORS:

Gale Technologies

Practical Cloud Migration

Re-think IT. Re-inventing Business.

Identity Driven Security in the Cloud

Hackers Hackers Everywhere, Is My Public Cloud That Safe?

Unlock the Value of the Cloud

Mission Critical Applications and the Cloud - Myth or Reality?

Not Your Grandpa's Cloud

Integrating Enterprise Clouds

Upgrade to a vCloud

POWER PANELS:

Cloud Expo Silicon Valley: CTO Power Panel

Cloud Expo Silicon Valley: CEO Power Panel

Cloud Expo Silicon Valley: Cloud SuperStars Panel

Cloud Expo Silicon Valley: CloudNOW Panel

Click For 2010 West
Event Webcasts

Cloud Expo & Virtualization 2011 East

DIAMOND SPONSOR:

Dell & VMware Deliver the Enterprise Hybrid Cloud

PLATINUM PLUS SPONSORS:

Are Financial Services Organizations Risking Security by Avoiding Cloud Computing?

From Consolidation to Enterprise Private PaaS

PLATINUM SPONSORS:

Driving the Transformation to Next Generation Cloud Data Centers

The Inevitability of an Open Cloud

GOLD SPONSORS:

CA Technologies

Follow YOUR path to Cloud Computing

Who Keeps the Cloud in the Air?

Patterns for Cloud Computing

War in the Clouds: Are you ready?

The Big Win: Stop Playing Small-Ball with Your Cloud Strategy

Evaluating Enterprise Clouds

Cloud Storage: Myths and Realities

POWER PANELS:

Cloud Expo New York: CTO Power Panel

Cloud Expo New York: CEO Power Panel

Cloud Expo New York: CMO Power Panel

Cloud Expo New York: Wrap-Up Power Panel

Click For 2010 West
Event Webcasts

Is Your Business 100% Ready for the New Era of Cloud Computing and Big Data?
The Only Enterprise IT Event in 2012 Covering the Entire Scope of both Cloud & Big Data

Come to New York and get yourself up to date with the Big Data revolution! As advanced data storage, access and analytics technologies aimed at handling high-volume and/or fast moving data all move center stage, aided by the Cloud Computing boom, Cloud Expo is the single most effective event for you to learn how to use you own enterprise data – processed in the Cloud – most effectively to drive value for your business.

There is little doubt that Big Data solutions will have an increasing role in the Enterprise IT mainstream over time. Get a jump on that rapidly evolving trend at Big Data Expo, which we are introducing in June at Cloud Expo New York.

Cloud Expo was announced on February 24, 2007, the day the term "cloud computing" was coined. That same year, the first Cloud Expo took place in New York City with 450 delegates. Next June, Cloud Expo is returning to New York with more than 10,000 delegates and over 600 sponsors and exhibitors.

"Cloud" has become synonymous with "computing" and "software" in two short years. Cloud Expo is the new PC Expo, Comdex, and InternetWorld of our decade. By 2012, more than 50,000 delegates per year will participate in Cloud Expo worldwide.

The cloud is certainly a compelling alternative to running all applications within a traditional corporate data center. But moving from theory into practice is where things get complicated, and this is where attending a top industry event like Cloud Expo comes in.

No one can take full advantage of cloud computing without first becoming familiar with the latest issues and trends, which is why the organizing principle of the 10th International Cloud Conference & Expo on June 11-14, 2012 - is to ensure - through an intensive four-day schedule of keynotes, general and breakout sessions, and our bustling Expo Floor - that attending delegates leave the Javits Center with abundant resources, ideas and examples they can apply immediately to leveraging the Cloud, helping them to maximize performance, minimize cost and improve the scalability of their Enterprise IT endeavors.

Delegates will leave Cloud Expo with dramatically increased understanding the entire scope of the entire cloud computing spectrum from storage to security.

Whether you're an enterprise or small to medium business, you'll soon be benefiting from the Cloud. Join your peers in New York City June 11-14, and maximize those benefits already in 2012. See you in New York City!

Register Now!
Save $500 on your “Golden Pass”! Call 201.802.3020
or click here to Register
Early Bird Expires Friday.

Speaker Opportunities
Submit your speaking proposal for the upcoming Cloud Expo in New York City
[June 11-14, 2012]

Exhibitor Info
Please Call 201.802.3021
events (at) sys-con.com.
Carmen Gonzalez,
carmen (at) sys-con.com.

Produced and presented by Cloud Expo, Inc.

close this window