Mozilla Patches 10 Firefox Bugs, Additional Vulnerabilities Fixed
Mozilla developers have fixed several stability bugs identified in the Firefox Web browser and other Mozilla products. However, these crashes showed evidence of memory corruption under certain circumstances, and Mozilla is cautioning that a dedicated hacker could exploit this aspect to run arbitrary code.The Mozilla Foundation posted a "critical" security advisory on April 21, stating that crashes of certain Mozilla products had revealed evidence of memory corruption under certain circumstances. Mozilla cautions that this corruption could be exploited to run arbitrary code. The affected Mozilla products included Firefox, Thunderbird and SeaMonkey. The stability bugs have already been fixed in Firefox 3.0.9, Thunderbird 22.214.171.124 and SeaMonkey 1.1.16.
A Mozilla update also plugged eight security holes, six of them critical, in Firefox 3.07.
A report by Secunia found that Mozilla Firefox had more vulnerabilities than Internet Explorer, Apple Safari and other Web browsers in 2008, although Mozilla has been faster than Microsoft to patch vulnerabilities disclosed publicly without prior vendor notification. According to Secunia's research, Firefox had 115 security vulnerabilities uncovered in 2008.
Since its original release in 2004, Firefox has grown to become the second-most popular Web browser in the United States, with regard to market share, after Microsoft Internet Explorer. It maintains a lead over Apple Safari and Google Chrome.