Gentoo Linux Security Advisory GLSA 200711-14 - Multiple vulnerabilities have been reported in Mozilla Firefox and SeaMonkey. Various errors in the browser engine and the Javascript engine can be exploited to cause a memory corruption. Before being used in a request, input passed to the user ID when making an HTTP request with digest authentication is not properly sanitized. The titlebar can be hidden by a XUL markup language document. Additionally, an error exists in the handling of smb: and sftp: URI schemes on systems with gnome-vfs support. An unspecified error in the handling of XPCNativeWrappers and not properly implementing JavaScript onUnload() handlers may allow the execution of arbitrary Javascript code. Another error is triggered by using the addMicrosummaryGenerator sidebar method to access file: URIs. Versions less than 2.0.0.9 are affected.
9406d653f481b768d289697671963843abc5749121b2f6c0fbe1ff5ea8d7b3e1Ubuntu Security Notice 535-1 - A large amount of flaws related to Firefox have been fixed under Ubuntu. These include forced upload and javascript insertion vulnerabilities.
e937e8ad5d0b409d665ed543ec76877c5a6c7850fb23798031b11ce6ee1da4ed
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed