Thursday, May 25, 2017
Home / Security / Exploits / Firefox 16.0.2 patch fixes security flaws

Firefox 16.0.2 patch fixes security flaws

Many security vulnerabilities in Firefox 16 are being covered in an update  of the browser software released by the Mozilla Foundation. This is the second time in the last two weeks that the web browser has had to be updated to handle security problems.

All the security issues are related to the “Location” object in the software. One of the flaws, when fused with some plug-ins, could be exploited to perform cross-site scripting attacks on users.

Those attacks commonly are exploited to infect Web applications at trusted websites and push malicious code to unsuspecting visitors of those sites.

An additional vulnerability takes the CheckURL procedure in the browser’s code, which could be forced to return a wrong value. Mozilla said this could be exploited in a cross-site scripting attack, or be used to execute arbitrary code to a browser add-on that interacts with the content on a page.

A third defect addressed by the update allowed the security wrapper on the Location object to be bypassed by a hacker.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …