Nytro Posted February 18, 2012 Report Posted February 18, 2012 [h=1]Mozilla Releases Firefox 10.0.2 for png Flaw[/h]By Sean Michael Kerner | February 17, 2012From the 'Be Careful What you Click' files: At the end of last week, Mozilla released Firefox 10.0.1, which fixed a single flaw. Now here we are at the end of a new week, and there is another release with Firefox 10.0.2. This time the flaw is one that I'm familiar with - as it was patched by Google in Chrome 17, just slightly ahead of the Firefox 10.0.2 update. The actual flaw is a vulnerability in the libpng graphics library that many open source tools (including browsers) use. It's an integer overflow flaw that could have some serious consequences. "An attacker could craft malicious images which exploit this bug, and deliver them to users through websites or email messages," Mozilla warned in its advisory.According to Mozilla, they were alerted about the flaw by Red Hat. In any event, make sure you update, this is a flaw looks relatively easy to me to exploit and thanks to the quick actions of Google and Mozilla - now trivially easy to protect against too.Sursa: Mozilla Releases Firefox 10.0.2 for png Flaw - InternetNews. Quote
