Wednesday, April 22, 2009 7:46 AM cmosby

Firefox gets an update. – SANS Internet Storm Center

Firefox gets an update.
Published: 2009-04-22,
Last Updated: 2009-04-22 12:36:02 UTC
by Joel Esler (Version: 1)
0 comment(s) digg_url = 'http://isc.sans.org/diary.html?storyid=6232&rss'; digg_title = 'Firefox gets an update.'; digg_skin='compact'; digg_topic = 'security'; Facebookacebook witter

We had several readers write in this morning to let us know of Firefox version 3.0.9 being released.

(Thanks Kevin, CJ, Sebenste!)

For a complete linked list of Firefox vulns: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.9

MFSA 2009-22 Firefox allows Refresh header to redirect to javascript: URIs
MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame
MFSA 2009-20 Malicious search plugins can inject code into arbitrary sites
MFSA 2009-19 Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString
MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings
MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme
MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI
MFSA 2009-15 URL spoofing with box drawing character
MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)

-- Joel Esler

http://www.joelesler.net

http://www.twitter.com/joelesler

Filed under: , , , ,

Comments

No Comments