Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: Mozilla FIrefox 3.6.9

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Programs

Relating to this vendor:
Mozilla Foundation
And, this specific program:
Mozilla Firefox 3.6.x

This thread has been marked as locked.
ediebleustar Mozilla FIrefox 3.6.9
Member 10th Sep, 2010 02:55
Ranking: 0
Posts: 2
User Since: 28th Jun, 2010
System Score: N/A
Location: N/A
I updated Mozilla Firefox to 3.6.9, but Secunia PSI (Version 1.5.0.2) detects 3.6.8 still and says it is still insecure. I have WIndows XP, Home Edition, Version 2002, Service Pack 3). It worked ok on my other laptop (Vista), but not the desktop. When I click on Help and About Mozilla Firefox, it says it is Version 3.6.9. Should I be concerned? The Installation Path is: C:\Documents and Settings\All Users\Application Data\Mozilla Firefox\firefox exe. I have scanned again and I even re-downloaded the update and re-scanned twice, but no change. Thanks.

Reno Bill RE: Mozilla FIrefox 3.6.9
Member 10th Sep, 2010 08:26
Score: 4
Posts: 7
User Since: 26th Nov 2008
System Score: N/A
Location: N/A
I had a similar problem with Picasa, which was resolved with the insights provided by TiMow. You can view the thread to see if it applies to your problem.

http://secunia.com/community/forum/thread/show/545...
Was this reply relevant?
+1
-0
TiMow RE: Mozilla FIrefox 3.6.9
Dedicated Contributor 10th Sep, 2010 11:40
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Last edited on 10th Sep, 2010 12:40
Hi

I would suggest your problem stems from the file location of the insecure Ff. (3.6.8.). The usual default location (at least on my XP laptop) is as follows:

C:\Program Files\Mozilla Firefox\firefox.exe

Docs. and Settings is not the "normal" location (although it is for Chrome).
Did you custom install or change the default settings on your previous installation?

When you updated Ff. to 3.6.9. it probably went to the default location and therefore didn't overwrite this version, which is why PSI is still finding it.

Check to see if current version (3.6.9.) is showing under Patched tab (Advanced) and expand to reveal the installation path.

If all is as I suggest, then unless you can recall a reason why the previous version is in the location it is, it should be OK to delete it (from Open Folder icon in expanded listing of Insecure Ff).

PSI might still find it, though, in Recycle bin, so deletion from there may be required.

Probably best to re-boot and re-scan PSI.

TiMow

EDIT: Having run a search, using Windows Explore, on my system, I have found various files under Docs. and Settings - but not the main Firefox.exe.
The closest, similar file path I have is:

C:\Documents and Settings\<My User Name>\Application Data\Mozilla\Firefox

This file contains sub folders relating to Profiles and Crash Reports, which are not in the main Firefox.exe.

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+2
-0
ediebleustar RE: Mozilla FIrefox 3.6.9
Member 10th Sep, 2010 20:04
Score: 0
Posts: 2
User Since: 28th Jun 2010
System Score: N/A
Location: N/A
I followed your suggestions, Timow, and it worked. I just did a regular install, so I guess I don't why it got messed up, but thank you both so much for your help. One more thing, if Secunia PSI says Mozilla Firefox is insecure, should I not use that browser until it is fixed? Or is it ok, just be very careful?? Thx again.
Was this reply relevant?
+0
-0
TiMow RE: Mozilla FIrefox 3.6.9
Dedicated Contributor 10th Sep, 2010 20:25
Score: 737
Posts: 728
User Since: 26th Jun 2009
System Score: N/A
Location: CH
Hi ediebleustar

Pleased to read everything is OK.

After I updated Ff. to 3.6.9., the current situation seems to be that I now have it listed under Patched tab as patched; and under Secure Browsing it shows as a cat.2 threat against the line for Mozilla Firefox 3.6., showing "Insecure, no solution".

If this is the same for you, then you can do no more at this time.

The threat exposure is small , but safe browsing rules are always important whatever the browser status (this last sentence taken from a post by @Anthony Wells, but accurately sums up the situation).

TiMow

--
Computing is not yet a perfect science - it still requires humans.
Was this reply relevant?
+2
-0

This thread has been marked as locked.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability - Disclaimer