Mandriva Linux Security Advisory 2009-182 - Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.0.x. These findings relate to cross site scripting and code execution issues.
85e0eb98605fd0c2ec33e5b5b2163b8dcced7f760b6ec7dd897d4cfad25b82d6
Debian Security Advisory 1840-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
06bec18fe61ea63a11f102981e53bbd0c64e40a1fd5f1ef0e72bd54842fa19bf
Ubuntu Security Notice USN-798-1 - Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Attila Suszter discovered a flaw in the way Firefox processed Flash content. If a user were tricked into viewing and navigating within a specially crafted Flash object, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox did not properly handle some SVG content. An attacker could exploit this to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the JavaScript engine. If a user were tricked into viewing a malicious website, an attacker could exploit this perform cross-site scripting attacks.
3fce72ef2ecfd481b235326ef82129042a5ba046cafbaf06c83b33248cdae746