Mozilla Foundation, the organisation behind the popular open source Firefox web browser, has dished out security patches for its browser that cater for five critical vulnerabilities in the older versions of the web browser; the latest version of Firefox, version 3.6, already comes with these patches.
According to an advisory statement released by Mozilla, Firefox 3.5.8 and Firefox 3.0.18 web browsers are crippled by three critical vulnerabilities that affect the browsers' Gecko rendering engines and the HTML parsers.
In the advisory, Mozilla warned that the three critical vulnerabilities can be severely exploited by hackers wishing to inject dangerous malware into computer systems.
Explaining the nature of the vulnerabilities, Mozilla said in the advisory that “Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code.”
The other two security flaws, which are tagged as 'moderate' by Mozilla, were said to be vulnerable to cross-scripting malware attacks.
Interestingly, one of the vulnerabilities was reported by rival Microsoft, which had recently reported a critical flaw in the Adobe Flash as well. Microsoft has become well skilled at finding vulnerabilities in the applications of other companies.