Gentoo Linux Security Advisory GLSA 200712-21 - Jesse Ruderman and Petko D. Petkov reported that the jar protocol handler in Mozilla Firefox and Seamonkey does not properly check MIME types (CVE-2007-5947). Gregory Fleischer reported that the window.location property can be used to generate a fake HTTP Referer (CVE-2007-5960). Multiple memory errors have also been reported (CVE-2007-5959). Versions less than 2.0.0.11 are affected.
244d0fd277ba8fac81e13a718b0d70f27593de6f68f4ffcc21be93c9017b2b37
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.11.
3a44ac9de2c4396bed24377eb4612c6e732c83da09e25a365607275d31922402
Debian Security Advisory 1425-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
bc9da4ebc8482992a1764e554998871fa34bace3215be4be99b5e18fd4a570e9
Debian Security Advisory 1424-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.
0b20d0bafd53e150a885eb49067d4cd05ed44445abe390f048728fd918cd9cc3
Ubuntu Security Notice 546-2 - USN-546-1 fixed vulnerabilities in Firefox. The upstream update included a faulty patch which caused the drawImage method of the canvas element to fail.
cd6620ec6ef11dcd2e4ad14c25d074f47f1e99e49f81174d1ae8cd195e713a76
Ubuntu Security Notice 546-1 - It was discovered that Firefox incorrectly associated redirected sites as the origin of "jar:" contents. A malicious web site could exploit this to modify or steal confidential data (such as passwords) from other web sites. Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious web page, an attacker could execute arbitrary code with the user's privileges. Gregory Fleischer discovered that it was possible to use JavaScript to manipulate Firefox's Referer header. A malicious web site could exploit this to conduct cross-site request forgeries against sites that relied only on Referer headers for protection from such attacks.
eea6986dd7177cff71510c5348f3b44123fb42e4e12c02afbd9a3deb373ed2bf