Radware, (NASDAQ: RDWR), the leading provider of integrated application delivery solutions for business-smart networking, today announced it has found a vulnerability that may cause application Denial of Service (DoS) in Firefox 3, Mozilla’s latest Web browser application.
Discovered by the vulnerability research team of Radware’s Security Operations Center (SOC), the Firefox vulnerability could result in a system crash of the Firefox browser and the instant lost of any unsaved information. Immediate protection from this vulnerability is available as part of Radware’s Security Update Service (SUS), which seeks to safeguard customer infrastructures in advance of public disclosure of the flaw.
"We recognize that Mozilla has continued to invest significantly in security features for Firefox 3; however we were able to easily detect this vulnerability through a simple fuzzing technique,” said Itzik Kotler, Security Operation Center Manager, Radware. “This clearly shows that zero-minute vulnerabilities are still aggressively in the public domain, making it increasingly more evident that security requirements must stay top-of-mind when developing and releasing new networked applications.”
Radware’s team of researchers found that in order to exploit the vulnerability which crashes the Firefox application, a Firefox 3 user must open or surf into an HTML page crafted with a simple set of legitimate HTML tags. This can be achieved either by social engineering or can be injected into a comprised site.
Radware also determined the vulnerability affects Firefox version 3.0, as well as minor update versions (i.e. 3.0.1) version released. For more information regarding Radware’s security solutions please visit: www.radware.com.
About Radware
Radware (NASDAQ:RDWR), the global leader in integrated application delivery solutions, assures the full availability, maximum performance, and complete security of business-critical applications for more than 5,000 enterprises and carriers worldwide. With APSolute™, Radware's comprehensive and award-winning suite of intelligent front-end, access, and security products, companies in every industry can drive business productivity, improve profitability, and reduce IT operating and infrastructure costs by making their networks "business smart." For more information, please visit www.radware.com.
This press release may contain forward-looking statements that are subject to risks and uncertainties. Factors that could cause actual results to differ materially from these forward-looking statements include, but are not limited to, general business conditions in the Application Switching or Network Security industry, changes in demand for Application Switching or Network Security products, the timing and amount or cancellation of orders and other risks detailed from time to time in Radware's filings with the Securities and Exchange Commission, including Radware's Form 20-F