Bug trackers have had a couple false starts with the release of Firefox 2.0, a top Mozilla engineer said Thursday.
Of the two vulnerabilities reported since the browser's release on Tuesday, the first was patched in a previous version and the second alleged problem couldn't be replicated during testing, said Mike Schroepfer, vice president of engineering.
The first problem caused the browser to crash in some cases when text was displayed. The second problem was described as a cross-scripting attack, and sample attack code was posted on the Internet, Schroepfer said.
"The snippet [of code] didn't actually do what was claimed," he said. "We don't have enough information to understand if there is an issue or not."
However, one bug does affect Firefox 2.0, but is not exploitable, Schroepfer said. The problem is caused when a very large document is loaded into an iframe -- an HTML (Hypertext Markup Language) element -- using Javascript, which eventually causes Firefox to hang or crash, he said.
The problem is tricky to fix, but engineers are looking at it, Schroepfer said.
Schroepfer said the Mozilla community takes security problems seriously, and any problems with the new browser will be posted to its bug list Mozilla Security Center.
Firefox 2.0 debuted just a few days after Microsoft unveiled Internet Explorer 7, reignited a long-standing debate over which is the better browser.
"It's a really solid release overall," Schroepfer said of the new Firefox.
This whitepaper explains the terminology and concepts behind Data Replication technologies and establishes some sizing rules through worked examples. Learn the new paradigm in disaster tolerance—protect data anywhere.
Download now »
Server virtualization is a popular option for dealing with mounting datacenter costs. Another equally promising approach is the use of an Application Delivery Controller. Citrix NetScaler provides a low-cost way for organizations to reduce their server count and accrue cost savings from a reduction in space, cooling, power and personnel.
Download now »
The emergence of WLANs has created a new breed of security threats to enterprise networks.
Included in HP ProCurve WLAN solutions is security technology that alleviates threats from WLANs through:
* Monitoring wireless activity inside and out of the enterprise
* Classifying WLAN transmissions into harmful and harmless
* Preventing transmissions that pose a security threat to the enterprise network
* Locating participating devices for physical remediation
Effectively address data protection challenges, implementing solutions that help store and protect business–critical data while cutting costs and improving efficiency and reliability.
Download now »
Sign up to receive Applications Resource Alerts
Like any valuable resource, IT is a terrible thing to waste. But by applying the same lean techniques that have been used to streamline manufacturing processes, IT departments can reduce costs, improve performance and better manage resources.
Download now! »
Stephen Elliot, vice president of strategy for CA's Infrastructure Management and Data Center Automation business unit, explains why difficult economic times drive the need for simplified management capabilities and advanced automation tools.
Listen now! »
According to a recent study CA conducted with 300 CIOs and top IT executives, 64 percent of respondents say they've already invested in virtualization, and the other 36 percent reported that they plan to invest in virtualization.
Download now! »
In this video learn about process automation in a virtualized world. How CA and VMware are enabling enterprise datacenter automation.
View now! »
1 Recommendation
