Wed, Mar 21 2007 10:04 Don

Mozilla fixes single Firefox flaw

Mozilla Corp. yesterday took the unusual step of patching a single vulnerability in its Firefox browser, but it will resume regular multiple-fix security updates with the next release, which is slated to debut before April 24.

Firefox 2.0.0.3 and Firefox 1.5.0.11 -- Mozilla currently supports two branches of the open-source application -- both fix a single flaw, according to the release notes posted on the company's Web site.

Mozilla said that the patched bug, though rated as a low threat, could be used by attackers to run a rudimentary port scan of systems within the same perimeter as the victimized machine. The attacker, however, would have to craft a malicious Web site and host it on an FTP server and then con users into visiting the page.

ComputerWorld 

Filed under: