Mozilla warned of the first bug in Firefox 1.5

Firefox 1.5 may have a buffer overflow

The open source software organization has just released a security guide, acknowledging that a problem in the latest browser version may cause buffer overflow.

However, they rejected the assumption that this problem would cause the application to suffer long-term damage if a denial-of-service attack took place.

The code that exploited the first vulnerability of Firefox 1.5 was released on December 6, involving an error in the history.dat file (which contains information about every site users have visited). When this file is larger than 10.5 MB, the system will be suspended and requires a lot of time to clear the history buffer. According to Mozilla, to fix the error, everyone has to delete the entire content saved in History.

Mike Schroefper, Mozilla's vice president of engineering, didn't acknowledge this last week as a security breach and said Firefox 1.5 is safe. The organization also said that they have not received any feedback from customers.