Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

New Firefox releases fix security vulnerabilities

Published: 2007-05-31
Last Updated: 2007-05-31 21:49:36 UTC
by Maarten Van Horenbeeck (Version: 2)
0 comment(s)

Firefox 2.0.0.4 and 1.5.0.12 were released yesterday, fixing six security vulnerabilities. While not confirmed, the most significant of these could potentially allow arbitrary code execution:

MFSA-2007-17 Parts of the browser chrome could be spoofed or hidden
MFSA-2007-16 Script injection (High impact)
MFSA-2007-14 Two issues with cookie handling
MFSA-2007-13 Denial of service against 'form autocomplete'
MFSA-2007-12 Crash with potential memory corruption (High impact - two CVEs)

Keywords:
0 comment(s)
Diary Archives