On The Insider: Britney's Bikini-Clad Top 10
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 17 of 70:
Next »
« Previous
A question about the article you quote
George,

I looked at the reference that you quote. It
does indeed list 22 vulnerabilities that have
been patched in "Mozilla Firefox, Mozilla Suite,
SeaMonkey, and Thunderbird" as the article
states. All of the vulnerabilities seem to apply
to Firefox except number twenty-two, which
states, "The twenty-second vulnerability is due
to an error in Thunderbird that fails to properly
restrict access to remote content referenced by
an HTML mail message, which could be exploited by
attackers to determine valid email addresses or
disclose sensitive information." That leaves
twenty-one vulnerabilities, which is still a
serious issue.

However, the bottom of the article says this:

"Affected Products

Firefox versions prior to 1.5
Firefox versions prior to 1.0.8
Mozilla Suite versions prior to 1.7.13
SeaMonkey versions prior to 1.0
Thunderbird versions prior to 1.5.0.2
Thunderbird versions prior to 1.0.8"

and also includes this statement:

"Solution

Upgrade to Firefox 1.5 or 1.0.8"

So is this article in fact talking about the
vulnerabilities that were patched between Firefox
1.5.1 and 1.5.2, or is it talking about
vulnerabilities prior to 1.5? If it is just
vulnerabilities prior to 1.5, how far does it go
back? Does is to back to Firefox 0.6, which was
alpha software and would be expected to have
vulnerabilities? Does it go back even further?
If their recommendation is for people to upgrade
to Firefox 1.5, then wouldn't anyone running 1.5
or 1.5.1 already be protected from all these
vulnerabilities? Although it is important for
users to upgrade to 1.5.2, from what I can tell
this list doesn't apply to that upgrade.

P.S. It does mention in this article that users
are encouraged to upgrade to Firefox 1.5 or
1.0.8. Does this mean that there were
vulnerabilities in 1.0.7 that didn't affect 1.5
or 1.5.1?
Posted by: Stoutner   Posted on: 04/13/06 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

awesome  Spicoli's Avenger | 04/13/06
Just so it doesn't crash as much  Spats30 | 04/14/06
nice stuff  sbj | 04/13/06
My Firefox just updated! (20:46 04/13/06)  Mr. Roboto | 04/13/06
It updated by itself?  Zogg | 04/13/06
It does  Linux User 147560 | 04/13/06
Yes indeedy  Stez | 04/14/06
it can  doh123 | 04/14/06
It will...  benrob | 04/13/06
Firefox update kills security bugs, adds Mac support  Loverock Davidson | 04/13/06
And kills Roboform too  rushnrockt | 04/13/06
Then update!  CavJJC | 04/14/06
And kills Roboform too  jresh0 | 04/14/06
Well, I appreciate the heads up.  mobrien_12@... | 04/13/06
Heads up... here's the changelog:  Tony Agudo | 04/13/06
There were 22 vulnerabilities in this update for Firefox  george_ou | 04/13/06
A question about the article you quote  Stoutner | 04/13/06
Typo Correction  Stoutner | 04/13/06
Learn to read  tombalablomba | 04/13/06
nice try George..  Spicoli's Avenger | 04/14/06
Ohhh wait on...what's the solution??  mdsmedia | 04/14/06
Unfair...  jasonp@... | 04/14/06
Depends  berck | 04/14/06
don't know if you caught this article or not George  Monkey_MCSE | 04/14/06
That was slick  DangDaCommonCentz | 04/14/06
Did the update myself  Shelendrea | 04/14/06
And it's still flaky  No_Ax_to_Grind | 04/14/06
Flaky how?  Shelendrea | 04/14/06
he leaves blanket statements for a reason  Monkey_MCSE | 04/14/06
true enough  Shelendrea | 04/14/06
Child, satsifying your curiousity is not my job.  No_Ax_to_Grind | 04/14/06
anytime old man...  Monkey_MCSE | 04/14/06
I see it was above your head.  No_Ax_to_Grind | 04/14/06
poor no ax..  Monkey_MCSE | 04/14/06
knocked straight the buck out!!  Spicoli's Avenger | 04/14/06
you're dyin for some trolling, eh Axey?  Spicoli's Avenger | 04/14/06
Yeff boy, grow up and stop hidding in your car trunk.  No_Ax_to_Grind | 04/14/06
Ain't hiding, I'm smoking a fat doob on yer front porch!  Spicoli's Avenger | 04/14/06
No Ax  Shelendrea | 04/14/06
thank you Shellmeister  Spicoli's Avenger | 04/14/06
If your happy with it, good on ya.  No_Ax_to_Grind | 04/14/06
Oooooo!!!!  Spicoli's Avenger | 04/14/06
i was wondering who would make a comment  Monkey_MCSE | 04/14/06
YUS!  Spicoli's Avenger | 04/14/06
*blush*  Shelendrea | 04/14/06
we only do it because we care shel  Monkey_MCSE | 04/14/06
it's OK my dear  Spicoli's Avenger | 04/14/06
I must have open mouth insert  Shelendrea | 04/14/06
open mouth, insert..  Spicoli's Avenger | 04/14/06
You just  Shelendrea | 04/14/06
nope!  Spicoli's Avenger | 04/14/06
You know  Shelendrea | 04/14/06
I'm..  Spicoli's Avenger | 04/14/06
You are  Shelendrea | 04/14/06
but other than that..  Spicoli's Avenger | 04/14/06
Wanna upgrade?  tic swayback | 04/14/06
hummmm....  not of this world | 04/15/06
Firefox is safe and NoScript makes it safer  jtameer | 04/14/06
IE has that also...  rapson | 04/14/06
Here's a comparison by the Whashington Post security blog  jtameer | 04/14/06
Get rid of the Google search bar!!! It is stupid  SouthernPride | 04/14/06
Huh?  mc_hambone | 04/14/06
why?  Spicoli's Avenger | 04/14/06
It's called personal preference [text]  BlazeEagle | 04/17/06
Getting rid of search bar is easy  chonhart | 04/16/06
Good for them and  michael_t | 04/15/06
Now if only HotJava would come of age  Boot_Agnostic | 04/16/06
Firefox fixes bugs, but Norton kills Firefox  ralphb@... | 04/17/06
Norton A/V = Bad  Sheeva | 04/18/06
Burned Again  ralphb@... | 04/18/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

Enterprise Applications

  • Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
  • New Online Dashboard
  • Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline