myITforum.com
Welcome to myITforum.com Sign in | Join | Help
in Search
Site Home Home Bloggers List Blogs Photos Downloads

Harry Waldron - My IT Forums Blog

Sharing Security Developments, and Best Practices for corporate and home users

Mozilla Security Release - New Firefox and Thunderbird versions

Security updates have been issued for Firefox, Thunderbird, Seamonkey and other Mozilla products that fix critical security vulnerabilities. These vulnerabilities could be exploited by attackers to take complete control of an affected system or bypass security restrictions. All users should install these udpates as soon as possible.

Mozilla Security Release - New Firefox and Thunderbird versions
http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox2.0.0.1

Fixed in Firefox 2.0.0.1

MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
http://www.mozilla.org/security/announce/2006/mfsa2006-68.html

MFSA 2006-69 CSS cursor image buffer overflow (Windows only)
http://www.mozilla.org/security/announce/2006/mfsa2006-69.html

MFSA 2006-70 Privilege escallation using watch point
http://www.mozilla.org/security/announce/2006/mfsa2006-70.html

MFSA 2006-71 LiveConnect crash finalizing JS objects
http://www.mozilla.org/security/announce/2006/mfsa2006-71.html

MFSA 2006-72 XSS by setting img.src to javascript: URI
http://www.mozilla.org/security/announce/2006/mfsa2006-72.html

MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
http://www.mozilla.org/security/announce/2006/mfsa2006-73.html

MFSA 2006-75 RSS Feed-preview referrer leak
http://www.mozilla.org/security/announce/2006/mfsa2006-75.html

MFSA 2006-76 XSS using outer window's Function object
http://www.mozilla.org/security/announce/2006/mfsa2006-76.html

Mozilla Security Center
http://www.mozilla.org/security/

Internet Storm Center
http://www.incidents.org/diary.php?storyid=1958

CERT
http://www.us-cert.gov/current/current_activity.html#mzsecadv1206

FrSIRT
http://www.frsirt.com/english/advisories/2006/5068

Secunia
http://secunia.com/advisories/23282/

Zero-Day Initiative - Fixing the SVG vulnerability is critical
http://www.zerodayinitiative.com/advisories/ZDI-06-051.html
http://www.mozilla.org/security/announce/2006/mfsa2006-73.html

Firefox Product Page and Download link
(most users should be able to auto-update to the new release)
http://www.mozilla.com/en-US/firefox/

Thunderbird Product Page and Download link
http://www.mozilla.com/en-US/thunderbird/

Seamonkey Product Page and Download link
http://www.mozilla.org/projects/seamonkey/
Published Dec 21 2006, 03:36 PM by hwaldron

Comments

No Comments

This Blog

Syndication
Copyright - www.myITforum.com, Inc. - 2007 All Rights reserved.
Powered by Community Server (Commercial Edition), by Telligent Systems