free to fly: Mozilla Firefox Multiple Vulnerabilities

1.0 Introduction

The vulnerabilities consist of flaws found and known with the following CVE :

CVE-2008-5500
CVE-2008-5501
CVE-2008-5502
CVE-2008-5503
CVE-2008-5504
CVE-2008-5505
CVE-2008-5506
CVE-2008-5507
CVE-2008-5508
CVE-2008-5510
CVE-2008-5511
CVE-2008-5512
CVE-2008-5513

2.0 Impact

A successful exploitation could allow intruder to pass certain security restrictions, obtain sensitive and secret information, conduct cross-site scripting attacks, or potentially compromise a user's system.

Some vulnerabilities lead to memory corruption and could be exploited to run arbitrary code and allow an attacker to cause a denial of service (DoS) condition.

3.0 Affected Products and Platforms

Mozilla Firefox 3.x & Mozilla Firefox 2.0.x

4.0 Mitigation

Users are advised to promptly upgraded the web browser to the latest version (version 3.0.5) at the mentioned URL [1].

5.0 References

[1]	Mozilla Firefox and Thunderbird download page
	http://www.mozilla.com/en-US/products/download.html?product=firefox-3.0.5

[2]	Secunia Advisories
	http://secunia.com/advisories/33203/

[3]	F-Secure Vulnerability Information
	http://www.f-secure.com/vulnerabilities/SA33203

[4]	Mozilla Foundation Security Advisory 2008-60
	http://www.mozilla.org/security/announce/2008/mfsa2008-60.html

[5]	Mozilla Foundation Security Advisory 2008-64
	http://www.mozilla.org/security/announce/2008/mfsa2008-64.html

[6]	Mozilla Foundation Security Advisory 2008-65
	http://www.mozilla.org/security/announce/2008/mfsa2008-65.html

[7]	F-Secure Vulnerability Information : Mozilla Firefox 2 Multiple Vulnerabilities
	http://www.f-secure.com/vulnerabilities/SA33184

free to fly

Tuesday, December 23, 2008

Mozilla Firefox Multiple Vulnerabilities

No comments:

Followers

Blog Archive

About Me