The new version of the Firefox browser was downloaded over eight million times in its first 24 hours of release in what organisers claimed was a world record. But the success was overshadowed by reports that Firefox 3.0 contained a serious security flaw that potentially lets an attacker take over a PC if a user clicks on a booby-trapped link.
The bug was reported to Mozilla by Security Firm, Tipping Point, and no other details were released, in order to give the organization time to develop a patch. “Working with Mozilla on past security issues, we’ve found them to have a good track record and expect a reasonable turnaround on this issue as well,” TippingPoint said in a statement.
Another Firefox 3 vulnerability was posted Tuesday on a security mailing list hosted by security consultant Neohapsis. The brief posting warned of a buffer overflow bug in Firefox 3, but provided no details. It was not clear whether the flaw was the same as the one reported by TippingPoint.
Once the vulnerability is repaired, TippingPoint said it planned to publish the security advisory on the “Published Advisory” page on its Website.
Source: InformationWeekFiled under Browser Technology | Tags: Buffer Overflow, Firefox, Firefox 3, Mozilla, Security Bug | Comment Below