In a public mea culpa, Mozilla's chief security officer acknowledged Monday that Firefox includes the same flaw that the company called a "critical vulnerability" in Internet Explorer during a two-week ruckus over responsibility for a Windows zero-day bug.
"Over the weekend, we learned about a new scenario that identifies ways that Firefox could also be used as the entry point," said Window Snyder of Mozilla. "While browsing with Firefox, a specially crafted URL could potentially be used to send bad data to another application.
http://www.linuxlinks.com/portal/news/article.php?story=20070725113823866