Update: Mozilla released the 3.0.8 update on Friday March 27, 2009.
Mozilla Security scrambled to address two critical security issues today. In a statement on the blog, Mozilla Security noted that the PWN2OWN bug discovered by Nils was reported to them via the Tippingpoint Zero Day initiative, but an XSLT bug was reported by Guido Landi on milw0rm.com. Mozilla stated that the fixes are undergoing quality testing and are to be included in the Firefox 3.0.8 update due on April 1st.
Mozilla Security Blog
XSLT Exploit
Security focus reference for XSLT Exploit
Mozilla Security scrambled to address two critical security issues today. In a statement on the blog, Mozilla Security noted that the PWN2OWN bug discovered by Nils was reported to them via the Tippingpoint Zero Day initiative, but an XSLT bug was reported by Guido Landi on milw0rm.com. Mozilla stated that the fixes are undergoing quality testing and are to be included in the Firefox 3.0.8 update due on April 1st.
Mozilla Security Blog
XSLT Exploit
Security focus reference for XSLT Exploit
Posts
