Firefox 3 Receives Early Vulnerability Report

By: WebProNews Staff - June 19, 2008

Only a few hours after Mozilla kicked off its Firefox Download Day, leading to over 8 million downloads in 24 hours, someone discovered and reported a critical security flaw in the browser.

Those who have work in the technology world for a few years likely share a similar view on adopting new products. The dot-zero release of software usually requires some type of fix or update, leading to an incremental release being necessary.

Unfortunately that’s going to prove true for Mozilla. Their quest for a world record in downloads in a 24-hour period looks secure. The browser does not share that same security.

TippingPoint splashed cold water on the Firefox debut, as it disclosed the existence of a critical flaw in the new version of Firefox, as well as Firefox 2. If exploited, the flaw would permit remote execution of arbitrary code.

“We verified the vulnerability in our lab, acquired it from the researcher, then promptly reported the vulnerability to the Mozilla security team shortly after,” said TippingPoint. They cited past, positive experience with Mozilla addressing security issues and expects this one to receive swift attention and resolution.

Though no details about the flaw will be made available until a patch has been released, TippingPoint did say the exploit would require user interaction, as is typical in browser flaws. Internet users should use the usual caution when confronted with an unfamiliar link, especially in email spam.

WebProNews Staff

About the Author

WebProNews StaffWebProNews | Breaking eBusiness News Your source for investigative ebusiness reporting and breaking news.

View all posts by WebProNews Staff
  • Norman

    I am waiting to download.

    Wanted to be part of the download day record etc but at the samtime you have to think about vunerabilities and plugin issues.

    • RedFox

      The same flaw is also apparent in FireFox 2.  No need to wait…

      • tREMor

        Not to mention FF beats the hell out of IE or any of your other options on any given day. 

        Security flaws are inevitable, and there will surely be more… download FF3 with confidence..  and knowing the most browser vulnerabilities are due to user stupidity.

        • snt

          "and knowing the most browser vulnerabilities are due to user stupidity".  You are dumb man.  FF is becoming another IE and will be in the gutter soon.  Don’t kid yourself.

          • Robert

            Mozilla did a Microsoft and released the software way too early.  Another IE in the making for sure!  ServicePack 2 anyone?


    Add-Ons like Google PR does not work; needs updation.

    • Robert

      PR doesn’t work for Google either 😉

  • Guest

     From my searches on the net, I’ve found that’s Amazing Webpage Emailer doesn’t work anymore with Firefox’s "Upgrade."

     It’s been a godsend in the past allowing me to email clients what I have discovered for them. I’ll bet that many other users of this service resent the loss of this very popular service. Any feedback will confirm my thoughts.

     Any quick fixes to this problem would be appreciated as well. There are truly a lot of smart people out there… just not at Mozilla.

    Mike M.

  • Guest

    I was part of the download day and i use FF3 to download huge files from my gmail to desktop but browser hangs up and message pops up saying preparing to send error message. i had to re-start FF3 9 times to finish downloading. Never had this problem with FF2. 

    • Anthony Marcil

      I have found that in all my websites .. which view perfectly in firefox 2 IE and safari are viewing improperly in Firefox3 .. Basically any where i have flash embedded on a site firefox 3 is creating a extra space below the swf file .. so on sites where i had the flash matched up perfectly it messes up my whole site .. example top logo on this site on other sites the dmaage isnt as bad but still creates a space below each embeedded flash movie that firefox 2 did not .. here are some expamples .. compare them to IE safari or firefox 2 .. and you wont see the extra spaces this is just a few .. all these sites view great in the old firefox as well as the other two browsers .. I have more examples of my work at I use dreamweaver to embedd my flash .. if anyone could help me figuer out the code issue or whatever i can do to fix this problem please help me .. please .. i might not be the best designer .. but i cringe when i see my sites break apart on the new firefox.

      • Guest

        I am having the same problem as Anthony Marcil. Underneath my embedded swfs, extra 5px of space is being added. I’ve combed through the code over and over and can’t figure out why this is happening. I am using swfobject to embed my flash and i know that it’s something to do with this, as i have other pages that use a different embedding method and they don’t have the space.

        i would be extremely pleased if anyone could offer any suggestions.


      • Guest

        add this to your css and you should be right:

        object {



        • Shane O

          The code definitely worked. But my layout looks distorted. The "object " preference duplicated my .swf files in my layout. Any suggestions?

        • Guest

          That was a really cool solution..

          I had similar problem, and it worked for me :-)
          My flash deisplays properly now…

          THanks dude !

  • Guest

    Firefox is becoming worse than I.E.  Open 15 porn pages with videos and your computer goes to shit.  It hangs, it’s slow, a pain.  I do it on I.E. and it doesn’t give me any trouble.  I have top of the line PC with 4 gigs of ram.

    For god’s sake, Firefox hasn’t even gotten his bookmarks together yet!  There are a lot of issues with restoring bookmarks, especially problems with "Bookmark Toolbar Folder" which doesn’t get restored to the appropriate place.  That’s just plain basic programming  stuff.  I doubt FF is that secure.  I’m using I.E. more often now.  Probably will uninstall this piece of firefox crap.

  • blitzed

    Firefox is provided absolutely free…yet some people complain, as-if having paid for it.

    People need to participate in beta-testing, that is the only way to help zap the bugs.

    I agree that Firefox seems to be getting bloated like IE…however most people bring that upon themselves with their addiction to hordes of silly addons, and being lazy with dozens of tabs open.

    cheers to Mozilla! sheet happens, sorry the masses let you down in the beta-testing phase.