navigation bar left navigation bar right

navigation left tab Advisories navigation right tab
navigation left tab Research navigation right tab
navigation left tab Forums navigation right tab
navigation left tab Create Profile navigation right tab
navigation left tab Our Commitment navigation right tab
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading

Vulnerability Report: Mozilla Firefox 3.5.x

This vulnerability report for Mozilla Firefox 3.5.x contains a complete overview of all Secunia advisories affecting it. You can use this vulnerability report to ensure that you are aware of all vulnerabilities, both patched and unpatched, affecting this product allowing you to take the necessary precautions.

If you have information about a new or an existing vulnerability in Mozilla Firefox 3.5.x then you are more than welcome to contact us.


Table of Contents

1. Product Summary Only

2. Secunia Advisory Statistics (All time)
2.1. Statistics for 2014
2.2. Statistics for 2013
2.3. Statistics for 2012
2.4. Statistics for 2011
2.5. Statistics for 2010
2.6. Statistics for 2009
2.7. Statistics for 2008
2.8. Statistics for 2007
2.9. Statistics for 2006
2.10. Statistics for 2005
2.11. Statistics for 2004
2.12. Statistics for 2003

3. List of Secunia Advisories (All time)
3.1. List for 2014
3.2. List for 2013
3.3. List for 2012
3.4. List for 2011
3.5. List for 2010
3.6. List for 2009
3.7. List for 2008
3.8. List for 2007
3.9. List for 2006
3.10. List for 2005
3.11. List for 2004
3.12. List for 2003

4. Send Feedback
 
Vendor, Links, and Unpatched Vulnerabilities

Vendor Mozilla Foundation

Product Link View Here (Link to external site)

Affected By 19 Secunia advisories
161 Vulnerabilities

Monitor Product Receive alerts for this product

Unpatched 0% (0 of 19 Secunia advisories)

Most Critical Unpatched
There are no unpatched Secunia advisories affecting this product, when all vendor patches are applied..




Secunia Advisory Statistics (All time)

Statistics based on Secunia advisories released since 2003.

PLEASE NOTE: The statistics provided should NOT be used to compare the overall security of products against one another. It is IMPORTANT to understand what the below comments mean when using the statistics, especially when using the statistics to compare the vulnerability aspects of different products.

Secunia advisories often cover multiple vulnerabilities. Consequently, the number of advisories issued for a product does not always reflect the number of security issues that have been disclosed. For instance, in 2006 Secunia issued more than 5,000 advisories covering more than 9,000 vulnerabilities. This is counted AFTER removing duplicates generated by Linux distributions, issues in beta software, and what Secunia considers non-issues and fake issues that our competitors and other security vendors often write about.

It should also be noted that some operating systems (e.g. certain Linux distributions) bundle together a large number of software packages, and are therefore affected by vulnerabilities, which do not affect other operating systems (e.g. Microsoft Windows) that don't bundle together a similar amount of software packages.

Additionally, the number of unpatched vulnerabilities for a product may be affected by the fact that certain products (product bundles) consist mostly or solely of third party software (such as Linux distributions). Secunia tracks the number of issues fixed by the product vendor and not the issues reported in the third party software; this affects the statistics looking at unpatched issues A direct and fair comparison of unpatched issues for e.g. Microsoft Windows and Linux distributions is therefore NOT possible using the aggregated Secunia statistics. Such a comparison can only be made by tracking the upstream third party software included in Linux distributions and combining this with Linux distributions' own patches before comparing this with the aggregated statistics for Microsoft Windows operating systems.

Factors such as vendor response times and ability to properly fix vulnerabilities should also be considered when comparing products. Writing 100% secure code is virtually impossible, hence the vendor's responsiveness, willingness, and ability to provide quality patches to all its customers in a fast a reliable way is at least as important as the sheer number of vulnerabilities when considering the security of a product.

Please read the text associated with each graph to interpret the graph correctly.


Month by Month
The "Month by Month" graph below shows the number of issued Secunia advisories affecting Mozilla Firefox 3.5.x on a month-by-month basis.

This can be used to see how many Secunia advisories are being reported in this product.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=adv&prod=25800&period=all


Solution Status
The "Solution Status" pie graph below shows the percentages of "Unpatched", "Vendor Patched", "Vendor Workaround" and "Partial Fixed" Secunia advisories affecting Mozilla Firefox 3.5.x.

This can be used to get a quick overview of how many unresolved issues this product has.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=sol&period=all&prod=25800


Criticality
The "Criticality" pie graph below shows the percentages of "Extremely", "Highly", "Moderately", "Less", and "Not" critical Secunia advisories affecting Mozilla Firefox 3.5.x.

This can be used to get a quick overview of how severe the issued Secunia advisories that affect this product have been.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=cri&period=all&prod=25800


Where
The "Where" pie graph below shows the percentages of "From remote", "From local network", and "Local system" Secunia advisories affecting Mozilla Firefox 3.5.x.

This can be used to compare the attack vectors of the Secunia advisories that have been issued for this product.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=fro&period=all&prod=25800


Impact
The "Impact" pie graph below shows the percentages of all Secunia Impact categories based on Secunia advisories affecting Mozilla Firefox 3.5.x.

This can be used to see if this product seems to have a problem with specific types of vulnerabilities.



Use This Graph On Your Website:
http://secunia.com/advisories/graph/?type=imp&period=all&prod=25800

Discuss this Product
A new thread in our forum is automatically created for each Product. Activate the thread by commenting/discussing below.
Subject: Mozilla Firefox 3.5.x 
User Message
[+]

Jesant13

RE: Mozilla Firefox 3.5.x
This reply has been minimised due to a negative Relevancy Score.
MistahKurtz9899 RE: Mozilla Firefox 3.5.x
Member 18th Aug, 2010 09:06
Score: 0
Posts: 1
User Since: 14th Aug 2010
System Score: N/A
Location: N/A
Secunia does not recognize 3.6 as an update to 3.5.x after it has been installed.
Was this reply relevant?
+0
-0
Anthony Wells RE: Mozilla Firefox 3.5.x
Expert Contributor 19th Aug, 2010 20:43
Score: 2454
Posts: 3,345
User Since: 19th Dec 2007
System Score: N/A
Location: N/A
@MistahKurtz9899 ,

You need to tell us where the PSI is locating the versions of 3.5.x and 3.6.x of Firefox .

You need to get the information using the advanced mode of the PSI - link in the top right corner of any PSI page .

Here are some tips on using this mode ;-

It would be a shame not to try the "advanced" mode ; so here are some tips for "looking around" :-

Click on each/all the tabs and there is plenty of written advice about what each tab contains .

If a "problem" shows in the "insecure" or "end of life" tabs , then to help resolve any problem , here are some instructions to help you first of all get the best out of PSI :-

1)use PSI in "advanced" mode ;
2)in the "settings" tab make sure that the box in the first/upper section is NOT ticked in order to have the maximum info available ;
3)tell us in which "tab(s)" your problem programme is located ;
4)in that tab , click on the + in the box at the left end of the programme , the page will expand ;
5)in the expanded page , tell us what is written in the "installation path" ;
6)in the "toolbox" section , lower down , the link "technical details" should confirm the installation path details ;
7)click on the link "open folder" and you will see more details concerning the location of the "problem" .

Posting these details will help the Forum help you , if/when you have a problem .

Hope this helps .

Anthony




--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+1
-0
taffy078 RE: Mozilla Firefox 3.5.x
Contributor 19th Aug, 2010 23:10
Score: 408
Posts: 1,352
User Since: 26th Feb 2009
System Score: 100%
Location: UK
Hi, MistahKurtz9899?Anthony.

FileHippo's Update Checker*** told me earlier this week that my Firefox needed updating, which I did.

Secunia now shows it (v. 3.6.8) in both the Patched & Secure Browsing tabs.



*** http://www.filehippo.com/

PS It also showed CCleaner & other programs that I use as needing an update.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0
Anthony Wells RE: Mozilla Firefox 3.5.x
Expert Contributor 19th Aug, 2010 23:50
Score: 2454
Posts: 3,345
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hello taffy ,

Secunia (should) have been showing that Firefox needed a security update in the PSI "insecure" and "secure browsing" tabs since 26/07/2010 (well over 3 weeks ago) :-

http://secunia.com/advisories/40720/

How come you only just found it now and from Filehippo and not the PSI ???

The "auto-update" in your PSI 1.9.0.2. or Firefox itself should have taken care of this some time ago !!

At the moment we do not know which versions of Ff 3.5x and/or 3.6x @MistahKurtz is having trouble with ; I'll leave you to sort it when/if she/he reports back .

Anthony



--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-0
taffy078 RE: Mozilla Firefox 3.5.x
Contributor 20th Aug, 2010 08:06
Score: 408
Posts: 1,352
User Since: 26th Feb 2009
System Score: 100%
Location: UK
(unknown source)
Hello taffy ,

Secunia (should) have been showing that Firefox needed a security update in the PSI "insecure" and "secure browsing" tabs since 26/07/2010 (well over 3 weeks ago) . . . . .

How come you only just found it now and from Filehippo and not the PSI ???

The "auto-update" in your PSI 1.9.0.2. or Firefox itself should have taken care of this some time ago !!

Anthony


You're right, Anthony. I did wonder at the time. I'll email Support rather than hijack this thread.

--
taffy078, West Yorkshire, UK

Desktop: Compaq Presario (OEM) 32 bit / AMD Athlon / 2 GB RAM
XP Home - SP3/ IE8/ Norton IS - Secunia PSI v2.0.0.3003

Laptop: Win 7 / IE11 / PSI v2.0.0.3003
Was this reply relevant?
+0
-0

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


Secunia is a member of FIRST Secunia is a member of EDUcause Secunia is a member of The Open Group Secunia is a member of FS-ISAC
 
Secunia © 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer
follow Secunia on Facebook follow Secunia on Twitter follow Secunia on LinkedIn follow Secunia on YouTube follow Secunia Xing follow Secunias RSS feed follow Secunia on Google+