Mozilla withdrew the browser Firefox 16 just one day after it was release as it was found vulnerable towards allowing malicious web pages for reading the URLs visited by the users. Normally browser’s security mechanism should not allow this type of behavior.
Heyes disclosed the issue
Gareth Heyes, security researcher disclosed this issue publicly on Wednesday, and he published about the proof, which showed the code concept that was able to determine the user’s name logging into Twitter. However, it was found that this vulnerability issue was affecting the Firefox 16.0 version only.
Fixing of Vulnerability issues with Firefox 16.0.1
Mozilla security researchers discovered that the new version of Firefox 16.0.1 was able to fix this vulnerability issue along with other security flaws of earlier versions like Firefox 15. Arbitrary code execution was the other security issue that was faced with Firefox 15 and earlier versions.
The other two corruption bugs inhabiting the memory of browser engine were also fixed in the new version that could lead to the crashes and execution of arbitrary code. However, this bug only affected when the user was using gadgets running on Firefox’s Android version.