SecurityFocus reports an unpatched highly critical vulnerability in Firefox 2.0. This defect has been known since June 2006 but no patch has yet been made available. The developers claimed to have fixed the problem in 1.5.0.5 according to Secunia, but the problem still exists in 2.0 according to SecurityFocus (and I have witnessed the crash personally). If security is the main reason users should switch to Firefox, how do we explain known vulnerabilities remaining unpatched across major releases?
edit: The below link is a working example of the exploit. It should crash firefox so you are warned dont click it unless you really want to restart firefox.
test
Source: http://it.slashdot.org/article.pl?sid=06/10/28/2115202
Bookmarks