Tipping Point has verified the bug and reported it to Mozilla, Tipping Point said on Wednesday.
Since Mozilla is still working on a fix, the researchers won’t share details about the problem. Tipping Point ranked the severity of the vulnerability as high, but said that users would have to click on a link in an e-mail or visit a malicious Web page before being affected. The issue affects users of Firefox 3.0 as well as Firefox 2.0.
Once the problem is fixed, Tipping Point will publish an advisory on its Web site, it said.
Tipping Point found out about the vulnerability through its Zero Day Initiative, which lets researchers earn cash by submitting new vulnerabilities to the company. Once Tipping Point validates the issue, it pays the researcher for the information and notifies the relevant software vendor of the technical details.
Mozilla did not respond to a request for comment.
Mozilla launched its newest browser on Tuesday along with a marketing stunt that went a bit wrong. The company announced that it wanted to set a Guinness World Record for the largest number of software downloads in a 24-hour period. However, the volume of downloads crippled Mozilla’s site, and so customers in the U.S. couldn’t begin downloading the software until two hours later than expected. Still, Mozilla said it logged more than 8 million downloads within 24 hours. There is currently no record for number of software downloads in a day, but Mozilla must now wait for review of the stunt by Guinness officials.
Mozilla launched its newest browser on Tuesday along with a marketing stunt that went a bit wrong. The company announced that it wanted to set a Guinness World Record for the largest number of software downloads in a 24-hour period. However, the volume of downloads crippled Mozilla's site, and so customers in the U.S. couldn't begin downloading the software until two hours later than expected. Still, Mozilla said it logged more than 8 million downloads within 24 hours. There is currently no record for number of software downloads in a day, but Mozilla must now wait for review of the stunt by Guinness officials.
tht was pretty lame .... seriously ...
neways ....
Vulnerability can b of any level .....
i seriously feel ......... ajax is more vulnerable then any thing else ......
I don't know if the vulnerability is that FF crashes, but mine has had to shut down unexpectedly twice in the last 2 days since i've been using it. I'm running Vista btw.
However, when you reopen it, it loads just fine and can restore last page.
I don't know if the vulnerability is that FF crashes, but mine has had to shut down unexpectedly twice in the last 2 days since i've been using it. I'm running Vista btw.
However, when you reopen it, it loads just fine and can restore last page.
For those of you who have experience Firefox Crashing and currently have Kaspersky.
Do the following and it should resolve the issue.
“Kaspersky has confirmed the bug and they are in the midst of testing the fixed version which will be released in the coming weeks. I certainly can’t wait any longer because it is affecting my web browsing experience and I don’t want to use Opera or Internet Explorer. I had no choice but to look for a solution. I found a solution which I’ve tested for a few days and not a single Firefox 3 crash ever since.”
Click AppInit tab and uncheck C:\Progra~1\Kasper~1\Kasper~1\mzvkbd.dll
Kaspersky Virtual Keyboard feature is only available for Kaspersky Internet Security 2009 but weirdly people who has Kaspersky Anti-Virus 2009 installed is also affected by this. Some people has reported that mzvkbd.dll file (the cause of Firefox 3 crash) is loaded onto the system even when they are using KAV 2009. One of the Kaspersky forum moderator admitted that they were included by mistake and will probably removed for good in the next build.
It is absolutely safe in disabling mzvkbd.dll using Sysinternals Autoruns. When there is a new update for Kaspersky that fixes this problem, I’d advice you to enable back the DLL file.
Do you know there is a G4/G5/Intel optimized version of firefox for MAC? Look for Minefield. It has Aqua interface so it integrates pretty nicely with OSX. And due to that integration, it uses less virtual memory. I'm sure you will love it. Better yet if you are on MAC, give OmniWeb a try. It is light years ahead of Firefox. I'm so addicted to OmniWeb and its feature i.e. unique tab interface or workspaces etc., that when I use Firefox/IE/Opera, I feel like a Caveman :D
i haven’t been using it 2 days straight in a row…as in 24/7 lol