Security Bytes

Jun 19 2008   12:14PM GMT

TippingPoint reports Firefox 3.0 flaw

Marcia Savage Marcia Savage Profile: Marcia Savage

TippingPoint said a researcher submitted a critical vulnerability affecting Firefox 3.0 to its Zero Day Initiative just five hours after Mozilla released the updated open source browser Tuesday.

In a blog post Wednesday, TippingPoint said its researchers verified the vulnerability in its lab and quickly reported the flaw to Mozilla’s security team. The flaw could allow an attacker to execute arbitrary code, but a user would need to click on a link in an email or visit a malicious Web page, according to TippingPoint. The vulnerability also affects prior versions of Firefox 2.0.x.

The company, a division of 3Com Corp., said it won’t release any other information about the vulnerability until a patch is available. Mozilla is working on a fix. TippingPoint’s Zero Day Initiative pays researchers for verified vulnerabilities.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: