Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Firefox gets an update. InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Firefox gets an update.

Published: 2009-04-22
Last Updated: 2009-04-22 18:18:43 UTC
by Joel Esler (Version: 1)
0 comment(s)

We had several readers write in this morning to let us know of Firefox version 3.0.9 being released.

(Thanks roseman, CJ, Sebenste!)

For a complete linked list of Firefox vulns: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.9

MFSA 2009-22 Firefox allows Refresh header to redirect to javascript: URIs
MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame
MFSA 2009-20 Malicious search plugins can inject code into arbitrary sites
MFSA 2009-19 Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings
MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme
MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI
MFSA 2009-15 URL spoofing with box drawing character
MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)

-- Joel Esler

http://www.joelesler.net

http://www.twitter.com/joelesler

Keywords:
0 comment(s)
Diary Archives