Firefox – Browser with the Most Disclosed Vulnerabilities

By | April 15, 2009

From .PDF (download)

“This year, Secunia published advisories for the four most widely used web browsers: Internet Explorer (IE), Safari, Opera, and Mozilla Firefox. 31 vulnerabilities were reported for Internet Explorer (IE 5.x, 6.x, and 7), including those publicly disclosed prior to vendor patch as well as those included in Microsoft Security Bulletins. Safari and Opera each had 32 and 30 vulnerabilities, whereas 115 vulnerabilities were registered for Firefox in 2008. Figure 3 presents an overview of vulnerabilities pertaining to the four most popular browsers.”


About (Author Profile)

Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

Comments (14)

Trackback URL | Comments RSS Feed

  1. abcnet says:

    long live opera

  2. Foo says:

    Not surprising given that Firefox has full disclosure for its bugs once they are fixed and the source being open probably helps too.
    There is no way to know the actual number of vulnerabilities for the other three browsers…
    Though I’m quite surprised that there is so few vulnerabilities reported for extensions…

    Btw, I think it’s interesting how the vulnerabilities for the three browsers have very similar distribution (well, except for Safari which have less exposure of information and more ddos problems) for 2008.
    Firefox, Safari, Opera

  3. Hmm.. Opera the safest browser?! Word ;)

  4. Tiago Sá says:

    Not surprising since firefox’s vulnerabilities are multiplied by FOUR by stupid secunia, one for each firefox based browser. Also, there is a DIRECT relationship between the number of disclosed vulnerabilities and browser security: the more vulnerabilities disclosed, the more secure the browser is, as more people can correct the issue more quickly, and more people are aware of it. Also, Firefox is the browser that corrects issues more quickly.

  5. Mancho says:

    This also says nothing to how severe the vulnerabilites are, as well as how quickly they are fixed. And since ActiveX is not so much a plugin as it is basic IE functionality, it really speaks more to how worthless IE is than FF. Oh, and Opera FTW!

  6. werwolf says:

    I hope it is clear to everybody that Opera is the most secure browser on Earth.

  7. TTT says:

    This is just vulnerabilities that have been found AND have been disclosed by the vendor. It doesn’t really say anything about the security of the browser.
    Also, the safest browser is most definitely lynx or nc :P

    @Tiago Sá
    They also have this strange thing with “bundling” vulnerability reports going, which makes the counting even more unreliable :-/

  8. Scorpion says:

    *shakes head* @ opera fan boys so ignorant and stuck up in their own little world. the article is damn joke, while Firefox is far from perfect at least Firefox corrects the issue and get’s it done. see Firefox 3.0.8 emergency release as an example.

    if opera had a big of a market share as Firefox, they would getting hit as hard
    as Firefox has. point is the vulnerabilities get’s fixed by Firefox on their end, it’s funny the article doesn’t mention that.

  9. Scorpion,

    While I agree on your point. IE has even more market share.

  10. Jan Wolter says:

    This is from Secunia’s annual report to it’s customers. The purpose of that report is to toot Secunia’s horn by boasting about all the vulnerabilities they have reported. They don’t disclose enough about what is being counted for anyone to assess the actual meaning of these numbers or draw any conclusions at all from them. In fact, they are obviously nonsensical. Does anyone really believe that in all the Firefox extensions together there is only one vulnerability? This is meaningless smoke from Secunia’s marketing department, and to draw any conclusion about any browser from it is absurd.

  11. TTT says:

    Speaking of IE, how come IE8 have 0 vulnerabilities according to secunia, remember that contest?
    Also, since when does 11+13+9 add up to 31? Am I missing something?

  12. Tom says:

    cz ff also didnt had that one counted

  13. Subair says:

    God bless all of you that wrote opera 9.0 & 4.2, for you guys are our messiah our so called foreigner service provider nearly kill us with thei connection charges. But with opera life is worth living. Pls send me the latest opera for pc connection cause 9.0 version is no more browsing without per pay