The Register: Mozilla Riddled with Security Holes
Nov 05, 2002, 16:00 (18 Talkback[s])
(Other stories by John Leyden)
"Details of six flaws in Mozilla, the open source browser were
posted on BugTraq at the weekend.
"Versions of Mozilla previous to version 1.0.1 contain multiple
security vulnerabilities, so users need to update their browser
software. The flaws could be used by an attacker to read data off
of the local hard drive, gain information which should normally be
kept private, and in some cases to execute arbitrary code, an
advisory by Red Hat explains.
"That advisory was published on October 18, and dealt with
problems that first came to light in September. Last Friday
(November 1) BugTraq posted a half dozen updated advisories which
spell out the various risks and gives links to proof on concept
demonstrations relating to the six..."