Firefox – Browser with the Most Disclosed Vulnerabilities

By | April 15, 2009 | 14 Comments

From .PDF (download)

“This year, Secunia published advisories for the four most widely used web browsers: Internet Explorer (IE), Safari, Opera, and Mozilla Firefox. 31 vulnerabilities were reported for Internet Explorer (IE 5.x, 6.x, and 7), including those publicly disclosed prior to vendor patch as well as those included in Microsoft Security Bulletins. Safari and Opera each had 32 and 30 vulnerabilities, whereas 115 vulnerabilities were registered for Firefox in 2008. Figure 3 presents an overview of vulnerabilities pertaining to the four most popular browsers.”


About (Author Profile)

Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

  • abcnet

    long live opera

  • Foo

    Not surprising given that Firefox has full disclosure for its bugs once they are fixed and the source being open probably helps too.
    There is no way to know the actual number of vulnerabilities for the other three browsers…
    Though I’m quite surprised that there is so few vulnerabilities reported for extensions…

    Btw, I think it’s interesting how the vulnerabilities for the three browsers have very similar distribution (well, except for Safari which have less exposure of information and more ddos problems) for 2008.
    Firefox, Safari, Opera

  • Sklep Zoologiczny

    Hmm.. Opera the safest browser?! Word ;)

  • Tiago Sá

    Not surprising since firefox’s vulnerabilities are multiplied by FOUR by stupid secunia, one for each firefox based browser. Also, there is a DIRECT relationship between the number of disclosed vulnerabilities and browser security: the more vulnerabilities disclosed, the more secure the browser is, as more people can correct the issue more quickly, and more people are aware of it. Also, Firefox is the browser that corrects issues more quickly.

  • Mancho

    This also says nothing to how severe the vulnerabilites are, as well as how quickly they are fixed. And since ActiveX is not so much a plugin as it is basic IE functionality, it really speaks more to how worthless IE is than FF. Oh, and Opera FTW!

  • werwolf

    I hope it is clear to everybody that Opera is the most secure browser on Earth.

  • TTT

    This is just vulnerabilities that have been found AND have been disclosed by the vendor. It doesn’t really say anything about the security of the browser.
    Also, the safest browser is most definitely lynx or nc :P

    @Tiago Sá
    They also have this strange thing with “bundling” vulnerability reports going, which makes the counting even more unreliable :-/

  • Scorpion

    *shakes head* @ opera fan boys so ignorant and stuck up in their own little world. the article is damn joke, while Firefox is far from perfect at least Firefox corrects the issue and get’s it done. see Firefox 3.0.8 emergency release as an example.

    if opera had a big of a market share as Firefox, they would getting hit as hard
    as Firefox has. point is the vulnerabilities get’s fixed by Firefox on their end, it’s funny the article doesn’t mention that.

  • Vygantas Lipskas


    While I agree on your point. IE has even more market share.

  • Jan Wolter

    This is from Secunia’s annual report to it’s customers. The purpose of that report is to toot Secunia’s horn by boasting about all the vulnerabilities they have reported. They don’t disclose enough about what is being counted for anyone to assess the actual meaning of these numbers or draw any conclusions at all from them. In fact, they are obviously nonsensical. Does anyone really believe that in all the Firefox extensions together there is only one vulnerability? This is meaningless smoke from Secunia’s marketing department, and to draw any conclusion about any browser from it is absurd.

  • TTT

    Speaking of IE, how come IE8 have 0 vulnerabilities according to secunia, remember that contest?
    Also, since when does 11+13+9 add up to 31? Am I missing something?

  • Tom

    cz ff also didnt had that one counted

  • http://Www.Centralstation.Com Subair

    God bless all of you that wrote opera 9.0 & 4.2, for you guys are our messiah our so called foreigner service provider nearly kill us with thei connection charges. But with opera life is worth living. Pls send me the latest opera for pc connection cause 9.0 version is no more browsing without per pay

  • Pingback: 보안 취약점에 가장 많이 노출된 IE와 ActiveX (Secunia 2008 Report) | 모바일로 여는 세상 - anytime, anywhere()