Mozilla has released security bulletins related to found issues in some of their products. Five of the fixed vulnerabilities are categorized as critical, two as high, one as moderate and one as low.
Critical:
MFSA 2010-64 Miscellaneous memory safety hazards (rv:1.9.2.11/ 1.9.1.14)
MFSA 2010-65 Buffer overflow and memory corruption using document.write
MFSA 2010-66 Use-after-free error in nsBarProp
MFSA 2010-67 Dangling pointer vulnerability in LookupGetterOrSetter
MFSA 2010-71 Unsafe library loading vulnerabilities
High:
MFSA 2010-68 XSS in gopher parser when parsing hrefs
MFSA 2010-69 Cross-site information disclosure via modal calls
Moderate:
MFSA 2010-70 SSL wildcard certificate matching IP addresses
Low:
MFSA 2010-72 Insecure Diffie-Hellman key exchange
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Wednesday, October 20, 2010
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment