Mozilla: We’ll Fix 2nd Minor Firefox 2.0 Bug

A second minor bug found in the Firefox 2.0 Web browser will be fixed, but users shouldn’t encounter much of a problem in the meantime, a Mozilla official said Thursday.

The browser will crash if it visits a webpage that been intentionally coded with JavaScript in such a way as to target the bug, said Tristan Nitot, director of European operations for Mozilla.

“It’s very unlikely that anyone would have put a similar page on any ordinary webpage,” so users shouldn’t be affected, Nitot said.

The problem can’t be used to steal data from a computer, he added.

It’s the second bug that’s been found in Firefox 2.0 since its release on Oct. 24. The first bug causes the browser to hang or crash when a very large document is loaded into an iframe—an HTML element—using JavaScript.

The new bug will eventually be fixed. “We will fix it because we need reliability,” Nitot said, adding that no timetable has been set.

Firefox 2.0 and Microsoft’s rival Web browser Internet Explorer 7 (IE7), which debuted within a week of one another, are under close scrutiny by security analysts.

Both vendors have contested experts’ claims of flaws. Mozilla said one reported problem with Firefox 2.0 was fixed in a previous version, while a second report of an exploitable vulnerability couldn’t be replicated.

Microsoft charged a behavior cited as a vulnerability in IE7—where a pop-up window can display content from a different, untrusted website—isn’t a bug, but a feature, after the behavior was reported by vendor Secunia.

-Jeremy Kirk, IDG News Service (London Bureau)

Related Links:

• Mozilla Firefox Gaining Ground on Microsoft IE

• Mozilla Downplays 1st Firefox 2.0 Bug Reports

• Second IE 7 Flaw Discovered, Secunia Says

• 1st Microsoft IE7 Security Flaw Reported

• Mozilla Firefox 2.0 Hits the Web

• Microsoft Internet Explorer 7 Browser Released

Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.