Firefox, Thunderbird & SeaMonkeyPost your questions about Mozilla based products (Firefox, Thunderbird & SeaMonkey) here.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
DESCRIPTION:
Some vulnerabilities have been reported in Mozilla Firefox, which can
be exploited by malicious people to bypass certain security
restrictions, disclose sensitive information, conduct cross-site
scripting attacks, or potentially compromise a user's system.
1) Multiple errors in the layout and JavaScript engines can be
exploited to corrupt memory and potentially execute arbitrary code.
2) An error when processing the "persist" XUL attribute can be
exploited to bypass cookie settings and uniquely identify a user in
subsequent browsing sessions.
3) Multiple errors can be exploited to bypass the same-origin policy,
disclose sensitive information, and execute JavaScript code with
chrome privileges.
For more information see vulnerabilities #4 through #10 in:
SA33184
The vulnerabilities are reported in versions prior to 3.0.5.
Firefox 3.0.5 fixes several issues found in Firefox 3.0.4:
Fixed several security issues.
Fixed several stability issues.
Official releases for the Bengali, Esperanto, Galician, Hindi, and Latvian languages are now available.
Replaced the End-User License Agreement with a new "Know Your Rights" info bar on initial install.
When installing multiple signed XPIs simultaneously, previous versions of Firefox would fail.
Fixed several issues found in the accessibility implementation.
Added the ability to send OS-specific system notes in the crash reporter.
Didn't find the information you thought to find? Check out these Similar Threads
