[Secure-testing-team] Bug#505557: Mozilla Firefox 3 Multiple Vulnerabilities
giuseppe at iuculano.it
Thu Nov 13 14:26:20 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
The following SA (Secunia Advisory) id was published for Firefox 3.
Some vulnerabilities have been reported in Mozilla Firefox, which can be
exploited by malicious people to disclose sensitive information, bypass
certain security restrictions, or compromise a user's system.
1) An error when processing "file:" URIs can be exploited to execute
opening a malicious local file in a tab previously opened for a
"chrome:" document or a privileged "about:" URI.
2) Various errors in the layout engine can be exploited to cause memory
corruptions and potentially execute arbitrary code.
3) An error in the browser engine can be exploited to cause a crash.
For more information see vulnerability #5 in:
corruption and potentially execute arbitrary code.
5) An error in the browser's restore feature can be exploited to violate
the same-origin policy.
For more information see vulnerability #7 in:
6) An error in the processing of the "http-index-format" MIME type can
be exploited to execute arbitrary code.
For more information see vulnerability #8 in:
7) An error in the DOM constructing code can be exploited to dereference
uninitialized memory and potentially execute arbitrary code:
For more information see vulnerability #9 in:
8) An error in "nsXMLHttpRequest::NotifyEventListeners()" can be
exploited to bypass certain security restrictions.
For more information see vulnerability #10 in:
9) An error can be exploited to manipulate signed JAR files and execute
For more information see vulnerability #11 in:
10) An error exists when parsing E4X documents can be exploited to
inject arbitrary XML code.
For more information see vulnerability #12 in:
The vulnerabilities are reported in versions prior to 3.0.4.
Update to version 3.0.4.
If you fix the vulnerability please also make sure to include the the CVE id in the changelog entry.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Secure-testing-team