| Sales | 0208 045 4945 | 0800 458 4545 |
| Support | 0208 045 4944 | 0800 230 0032 |
| Sales | 0208 045 4945 | 0800 458 4545 |
| Support | 0208 045 4944 | 0800 230 0032 |
5 Jun 2006
Mozilla Corp. on Thursday patched its Firefox browser against 12 vulnerabilities, 5 of them labelled "critical" by the Mountain View, Calif. company.
Firefox 1.5.0.4 is the fourth security update to the 1.5 edition of the browser since it released last November. The number of holes plugged in 1.5.0.4, however, is only half that of April's mega-patch, when 24 total, 11 of them "critical," were fixed.
Danish vulnerability tracker Secunia tagged the update with a "highly critical" rating, its second highest ranking.
Some of the flaws could be used by attackers to generate buffer overflows, which can lead to further system access, including planting malicious code on the computer, Secunia noted. Others would let attackers run malicious JavaScript without the user's permission.
A list of the bugs patched by 1.5.0.4 can be found on the Mozilla Foundation's website.
Mozilla also patched its Thunderbird email client, fixing 8 flaws by releasing version 1.5.0.4; meanwhile, the separate SeaMonkey project rolled out its 1.0.2 version, the follow-up to the now-defunct Mozilla browsing suite, and fixed a long list of bugs.
This is the second update of Firefox since Mozilla announced it was ending support for the older Firefox 1.x line.
Firefox and Thunderbird can be downloaded from the Mozilla Corp. site, while SeaMonkey can be found here. Users of Firefox and Thunderbird 1.5.x, however, can wait for those programs' automatic update functions to kick in and retrieve the smaller-sized update files.
UKFast is not responsible for the content of external Internet sites.
