Updated mozilla packages that fix a buffer overflow issue are now available.
Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. iSEC Security Research has discovered a buffer overflow bug in the way Mozilla handles NNTP URLs. If a user visits a malicious web page or is convinced to click on a malicious link, it may be possible for an attacker to execute arbitrary code on the victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1316 to this issue. Users of Mozilla should upgrade to these updated packages, which contain backported patches and are not vulnerable to these issues.