Firefox Security Vulnerabilities.



In the spirit of a fair look at Mozilla Firefox (after doing a bit of a roasting of IE’s security), I’ve taken a look at Secunia’s analysis of Firefox. Currently there are 3 unpatched vulnerabilities on Firefox.



Firefox Vulnerabilities This is the summary graphic for what has been addressed since 2003.

I didn’t include the following comparison in the IE article, but will here to note that Firefox has NOT been susceptable to Extremely critical vulnerabilities according to Secunia.
Severity of vulnerabilities

IE’s vulnerabilities were 15% Extremely critical.

There are two vulnerabilities that are, approaching one year old on firefox, both rate a 2 of 5 on their criticality scale.

If you take the raw analysis at Secunia at face value, Firefox IS the more secure of the two browsers currently. However, Secunia emphasizes that their statistics are not meant for comparing the security of two different products. In part because Secunia advisories can cover multiple vulnerabilities (one advisory might be 5 issues on one product, on another one adivsory could indicate just 1 issue.) They also note to take into account that some operating systems bundle more software (Linux distros for instance that bundle many desktop apps with the base distribution). Additionally they note that the time to resolve a fix is important as well. i.e. don’t beat someone up for 100′s of vulnerabilities if they are all fixed in a timely fashion. In light of these notes and taking into account the specifics of the vulnerabilities, I still conclude Firefox is more secure, but they need to address those three outstanding problems.

Secunia tracks security advisories for more than 5000 products. They are definitely worth keeping in your bookmarks.

Related Posts

Blog Traffic Exchange Related Posts
  • Firefox zero-day vulnerability (or is it?) I saw a comment somewhere else that zero-day was overused and in essense ANY previously unknown vulnerability in open source software is technically zero day... the intent here though is to use the word in this context.... "vulnerability has been released without giving the vendor an opportunity to patch..." Yes,......
  • Firefox vulnerabilities and 1.5 Release Candidate I know there's been at least one and probably a couple of Mozilla Firefox vulnerabilities announced in the last month or so. There are currently (according to Secunia) 3 unpatched Firefox vulnerabilities. The secunia page for firefox has the details. There are two vulnerabilites for which there is a workaround......
  • Windows more secure than Linux? For the last week, I've seen various headlines referring to a report from US-CERT that indicated 2005 had 5,198 security flaws reported. Out of those 2,328 were reported for Linux/Unix, 812 for Windows and 2,058 affecting more than one operating system. Now, I'm seeing all sorts of headlines about how......
Blog Traffic Exchange Related Websites
  • 3 Reasons Why You Need Multiple Streams of Income One of the hottest concepts right now is the premise of creating multiple streams of income. While everyone wouldn’t mind making a little extra cash, there are even more benefits that can be reaped from having more than one source of income. Let’s go over just a few of them.......
  • World Wide Web Security Essentials Is Not A Real Spyware Remover. It Resembles The Functions And Looks World wide web Security Essentials is not a real spyware remover. It resembles the functions and looks of genuine spyware removal software but has no capacity to eliminate any virus, trojan or malware. Web Security Essentials is the newest addition to the growing list of rogue Antivirus programs. Internet Security......
  • When is an ETF not Actually an ETF? Exchange Traded Funds have been popular for decades since they provide diversification with the ease of trading and dollar cost averaging.  They have gotten so popular that the actual topic of ETFs now include specific industries, super concentrated funds and even active investing.  However, when is an ETF not really......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site