Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Firefox 3.0.2 Released - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Firefox 3.0.2 Released

Firefox 3.0.2 was released today. The release notes are available here.

It addresses 5 security vulnerabilities:

  • MFSA-2008-40 - forced mouse drag
  • MFSA-2008-41 - Privilege escalation via XPCnativeWrapper pollution
  • MFSA-2008-42 - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
  • MFSA-2008-43 - BOM characters stripped from JavaScript before execution
  • MFSA-2008-44 - resource: traversal vulnerabilities

Mozilla considers the impact of the -41 and -42 issues to be critical, the -43 and -44 issues to be moderate and the -40 issue to be low.

David Goldsmith
SANS / ISC Handler

 David

78 Posts
Subscribe Sep 24th 2008
1 decade ago

Sign Up for Free or Log In to start participating in the conversation!