The Web    Google
Critical Flaws Flagged in Mozilla, Thunderbird

Critical Flaws Flagged in Mozilla, Thunderbird
September 15, 2004
Ryan NaraineBy

The Mozilla Project has issued a warning for a series of "highly critical" security holes in three of its core projects, including its flagship Firefox Web browser and the Thunderbird e-mail client.

The vulnerabilities, which also affect the Mozilla browser, could potentially exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system.

The open-source group has already fixed the bugs and are urging users to upgrade to , and .

The news comes just days after the open-source project issued a preview release of Firefox 1.0, which includes an RSS reader that displays "live bookmarks, a new "Find" tool and an updated plug-in installer.

An released by Secunia warned that the flaws carry a "highly critical" rating.

Secunia listed seven vulnerabilities that affect the Mozilla products, including various boundary errors that can be exploited to cause heap-based buffer overflows when a specially crafted e-mail is forwarded or opened.

A successful attack could lead to the execution of malicious code to completely hijack a vulnerable machine.

Another flaw exists where insufficient restrictions on script generated events on text fields can be exploited to read and write content from and to the clipboard.

Secunia also warned of a problem with overly long links containing a non-ASCII characters that can be exploited via a malicious Web site or e-mail to cause a buffer overflow.

"An integer overflows when parsing and displaying BMP files can potentially be exploited to execute arbitrary code by supplying an overly wide malicious BMP image via a malicious website or in an e-mail," the research firm said.

It also highlighted a problem with the way Mozilla allows the dragging of links to another window or frame. "This can be exploited by tricking a user on a malicious Web site to drag a specially crafted javascript link to another window," Secunia said, warning that a malicious attacker could execute script code in the context of that window. "Further exploitation can in combination with another unspecified vulnerability lead to execution of arbitrary code," the company added.

  • 4/22: Kelvir-R Trojan Hits IM Contacts
  • 5/2: Oscarbot Virus Spreads a Hyperlink
  • Apple Patches QuickTime Flaw
  • 4/26: Mytob-BO Worm Spreads Flaw
  • Sender ID: Phishing Solution or Another Problem?
  • PentaSafe Unveils Integrated Security Manager
  • I've Been Framed
  • Homeland Security Names First Privacy Czar
  • How Long Must You Wait for an Anti-Virus Fix?
  • Virus Alert Activity Intensifies
  • Microsoft Battles Debugger Flaw, SQL Worm
  • Compare Security Camera Products