Peaches Posted August 4, 2009 Report Share Posted August 4, 2009 Firefox 3.5.2 and 3.0.13 fix security vulnerabilities The Mozilla Foundation has released new versions of its Firefox browser which fix four security vulnerabilities in the 3.5 branch and three in the 3.0 branch. One of the vulnerabilities enables an attacker to execute JavaScript with maximum browser privileges (chrome). In addition, crashes in specific situations suggest the existence of exploitable memory errors, which the developers have, with their usual caution, classed as critical.The updates also remove a bug which could allow fraudsters to present crafted websites as being SSL protected by using window.open calls to invalid URLs followed by document.write. Phishers could try to exploit this to steal data. The latest version of the browser also fixes a bug in the way SOCKS5 responses containing DNS names longer than 15 characters are processed.details heise security - http://www.h-online.com/security/Firefox-3...s--/news/113922 Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.