Firefox Security Vulnerabilities.



In the spirit of a fair look at Mozilla Firefox (after doing a bit of a roasting of IE’s security), I’ve taken a look at Secunia’s analysis of Firefox. Currently there are 3 unpatched vulnerabilities on Firefox.



Firefox Vulnerabilities This is the summary graphic for what has been addressed since 2003.

I didn’t include the following comparison in the IE article, but will here to note that Firefox has NOT been susceptable to Extremely critical vulnerabilities according to Secunia.
Severity of vulnerabilities

IE’s vulnerabilities were 15% Extremely critical.

There are two vulnerabilities that are, approaching one year old on firefox, both rate a 2 of 5 on their criticality scale.

If you take the raw analysis at Secunia at face value, Firefox IS the more secure of the two browsers currently. However, Secunia emphasizes that their statistics are not meant for comparing the security of two different products. In part because Secunia advisories can cover multiple vulnerabilities (one advisory might be 5 issues on one product, on another one adivsory could indicate just 1 issue.) They also note to take into account that some operating systems bundle more software (Linux distros for instance that bundle many desktop apps with the base distribution). Additionally they note that the time to resolve a fix is important as well. i.e. don’t beat someone up for 100′s of vulnerabilities if they are all fixed in a timely fashion. In light of these notes and taking into account the specifics of the vulnerabilities, I still conclude Firefox is more secure, but they need to address those three outstanding problems.

Secunia tracks security advisories for more than 5000 products. They are definitely worth keeping in your bookmarks.

Related Posts

Blog Traffic Exchange Related Posts
  • Firefox 1.5.0.5 out and be cautious with extensions... Well, let's start with the extensions first. Like ANY software, you should be cautious installing something from an untrusted source. If you think an extension looks neat and cool - look for reviews and third party information before installing it. That much said.... never install an extension that comes attached......
  • Update on the Internet Explorer VML vulnerability Just catching up on the days VML vulnerability news from today.... It looks as though... the exploit is now MUCH more widespread this blog has some video of an infection, what's notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that......
  • Exploits a plenty - IE / Excel (Firefox?) There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it......
Blog Traffic Exchange Related Websites
  • Lending Club Files S1 with SEC Lending Club has filed an S1 with the SEC (link to S1 filing). It looks to be similar in nature to the Prosper filed an S1 reported here on 10/30/2007. This continues the Lending Club quiet period started on 4/8/2008. Originally I had guessed 7 months to 1.5 years for......
  • Firefox Profiles for Increased Productivity I know this is a personal finance site, but occasionally I like to write about my first love... technology. One of my favorite pieces of technology is the Firefox web browser. I like to root for the underdog company for more competition leading to more choice for consumers. For that......
  • Database Security with Application Security, Inc. Database Security and Compliance Efforts Start with a Scan Manually assessing the security posture of a database is a complex task that requires expertise and significant resources. Manually measuring and demonstrating compliance with industry and government regulations is even more difficult, but by equipping your staff with AppDetectiveProâ„¢, you will......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Leave a Reply

You must be logged in to post a comment.


Switch to our mobile site