Mozilla fixes Firefox 3.5.2 and 3.0.13 security bugs

Mozilla issued an update for Firefox 3.5.2 and 3.0.13 that squashes four critical security bugs in the popular open-source browser, including one that could make it easy for attackers to spoof SSL certificates used to secure websites. The vulnerability meant Firefox could be tricked by rogue certificates, a potentially dangerous scenario that could allow attackers to create convincing-looking forgeries […]

Mozilla issued an update for Firefox 3.5.2 and 3.0.13 that squashes four critical security bugs in the popular open-source browser, including one that could make it easy for attackers to spoof SSL certificates used to secure websites. The vulnerability meant Firefox could be tricked by rogue certificates, a potentially dangerous scenario that could allow attackers to create convincing-looking forgeries of websites used for banking, email and other sensitive services. The technique works by adding a simple null string character to several certificate fields and was independently reported at the Black Hat security conference by researchers Moxie Marlinspike and Dan Kaminsky.

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.