Mandriva Linux Security Advisory 2012-167 - Mozilla security researcher moz_bug_r_a4 reported a regression where security wrappers are unwrapped without doing a security check in defaultValue(). This can allow for improper access access to the Location object. In versions 15 and earlier of affected products, there was also the potential for arbitrary code execution. The mozilla firefox packages has been upgraded to the latest version which is unaffected by this security flaw.
4f17031ebb871fa82012c80fdb8e264908014eaa803b929cd32660e31f31eb7bRed Hat Security Advisory 2012-1362-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled security wrappers. Malicious content could cause Thunderbird to execute arbitrary code with the privileges of the user running Thunderbird.
ab09352e4d57e95746704ddd95ce87c7f85cd5ac5807482e2f93dd343779715eRed Hat Security Advisory 2012-1361-01 - XULRunner provides the XUL Runtime environment for applications using the Gecko layout engine. A flaw was found in the way XULRunner handled security wrappers. A web page containing malicious content could possibly cause an application linked against XULRunner to execute arbitrary code with the privileges of the user running the application.
10660788872271b7030716cb094ae1913ae259acb17f917150e81e999a26543d
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed