Secunia Security Advisory 39136

Secunia Security Advisory 39136: Posted Mar 31, 2010; Authored by Secunia | Site secunia.com; Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to manipulate certain data, bypass certain security restrictions, and potentially compromise a user's system.; tags | advisory, vulnerability; SHA-256 | 6bbd52196a74cbfbf8fcd4eec4c10439fd2c85e7d8dd3dc95395ab2e25fcd11a; Download | Favorite | View

Secunia Security Advisory 39136

----------------------------------------------------------------------


  Secunia CSI
+ Microsoft SCCM
-----------------------
= Extensive Patch Management

http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/


----------------------------------------------------------------------

TITLE:
Mozilla Firefox Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA39136

VERIFY ADVISORY:
http://secunia.com/advisories/39136/

DESCRIPTION:
Some vulnerabilities have been reported in Mozilla Firefox, which can
be exploited by malicious people to manipulate certain data, bypass
certain security restrictions, and potentially compromise a user's
system.

For more information:
SA38608

1) An error related to the select event handler for XUL tree items
can be exploited to potentially execute arbitrary code.

SOLUTION:
Update to version 3.5.9. Set the
"security.ssl.require_safe_negotiation" preference to "true".

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) regenrecht, via ZDI

ORIGINAL ADVISORY:
Mozilla:
http://www.mozilla.org/security/announce/2010/mfsa2010-16.html
http://www.mozilla.org/security/announce/2010/mfsa2010-17.html
http://www.mozilla.org/security/announce/2010/mfsa2010-18.html
http://www.mozilla.org/security/announce/2010/mfsa2010-19.html
http://www.mozilla.org/security/announce/2010/mfsa2010-20.html
http://www.mozilla.org/security/announce/2010/mfsa2010-22.html
http://www.mozilla.org/security/announce/2010/mfsa2010-23.html

OTHER REFERENCES:
SA38400:
http://secunia.com/advisories/38400/

SA38608:
http://secunia.com/advisories/38608/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
private users keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 86 files
Gentoo 31 files
Debian 17 files
tmrswrr 8 files
Sina Kheirkhah 7 files
indoushka 5 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
bRpsd 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,456)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,351)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,673)
UNIX (9,429)
UnixWare (187)
Windows (6,667)
Other

Secunia Security Advisory 39136

Secunia Security Advisory 39136

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Secunia Security Advisory 39136

Share This

Secunia Security Advisory 39136

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems