Firefox, Apple QuickTime Flaw Fixes

Mozilla has shipped a "highly critical" Firefox update to correct multiple security bugs that could cause cross site scripting, information disclosure, denial of service and system access attacks.

The update is the first for Firefox 2.0 and also applies to Firefox 1.5. Five of the eight bugs fixed in the update are rated "critical" by Mozilla.

...Apple Computer was also busy on the patching front, shipping a fix for an obscure QuickTime for Java flaw that could cause lead to the disclosure of sensitive information.

The problem is that unsigned Java applets are able to use QuickTime for Java and Quartz Composer to upload images which may potentially contain sensitive information. Security Watch - Browsers - Patch Watch: Firefox, Apple QuickTime Flaw Fixes

Linked by shanmuga Thursday, 21st December 2006 10:47PM