Mozilla fixes vulnerabilities in Firefox, SeaMonkey and Thunderbird

    The company Mozilla has eliminated vulnerability in three of its products - Firefox, SeaMonkey and Thunderbird, patching a "hole" could allow an attacker to remotely perform XSS-attack.

    The error that occurs when processing about: blank pages loaded with chrome into an add-on module allows an attacker to create a special page that can execute arbitrary script code in the victim’s browser with chrome privileges. The user only needs to click on the specially formed link that opens the “about: blank” page with the help of an additional module.

    To get rid of the vulnerability, you just need to update the program by downloading the latest versions from the Mozilla website.

    via SecurityLab.ru

    Also popular now: