Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Firefox 3.0.2 Released - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Firefox 3.0.2 Released

Firefox 3.0.2 was released today. The release notes are available here.

It addresses 5 security vulnerabilities:

  • MFSA-2008-40 - forced mouse drag
  • MFSA-2008-41 - Privilege escalation via XPCnativeWrapper pollution
  • MFSA-2008-42 - Crashes with evidence of memory corruption (rv:1.9.0.2/1.8.1.17)
  • MFSA-2008-43 - BOM characters stripped from JavaScript before execution
  • MFSA-2008-44 - resource: traversal vulnerabilities

Mozilla considers the impact of the -41 and -42 issues to be critical, the -43 and -44 issues to be moderate and the -40 issue to be low.

David Goldsmith
SANS / ISC Handler

David

78 Posts

Sign Up for Free or Log In to start participating in the conversation!