Mandriva Linux Security Advisory 2009-044 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5. This update provides the latest Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x has been phased out, version 3.x is also being provided for Mandriva Linux 2008 Spring.
b512e67d838f76d1d0ad86dfc7930d4e889c6489b61987d50067987a2f3dd1e9Ubuntu Security Notice USN-717-3 - Kojima Hajime discovered that Firefox did not properly handle an escaped null character. An attacker may be able to exploit this flaw to bypass script sanitization. Wladimir Palant discovered that Firefox did not restrict access to cookies in HTTP response headers. If a user were tricked into opening a malicious web page, a remote attacker could view sensitive information.
b419591ea81440e5b2b1faa1b19e923b05930c7c64addc334bcc9a4bc1bb90fcUbuntu Security Notice USN-717-2 - A flaw was discovered in the browser engine when restoring closed tabs. If a user were tricked into restoring a tab to a malicious website with form input controls, an attacker could steal local files on the user's system. Wladimir Palant discovered that Firefox did not restrict access to cookies in HTTP response headers. If a user were tricked into opening a malicious web page, a remote attacker could view sensitive information.
5eb3961ec908da19beb5f976be19d24395dfd349964275176bc5a1c06d991ec3Ubuntu Security Notice USN-717-1 - Several flaws were discovered in Firefox 3.0 and XULRunner 1.9. These range from denial of service to code execution vulnerabilities.
b014be89d21cd295d8644f8a7293edf116674173a80e4437ca816e1706c5053b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed