Powersellersunite Power Sellers Unite
Bringing Buyers and Sellers Together
 

Mozilla slaps band-aid on 11 Firefox flaws
Click here to go to the original topic

 
       Power Sellers Unite Forum Index -> Webmasters and Programmers technical help.
::  
Author Message
elgato



Joined: 24 Feb 2005
Posts: 17235
Location: Texas
Posted: Tue Jun 16, 2009 5:36 pm    Post subject: Mozilla slaps band-aid on 11 Firefox flaws  
Mozilla has joined this week’s patchapalooza with the release of a Firefox update to fix 11 documented security vulnerabilities.

Six of the 11 issues are in advisories rated “critical” because of the risk of code execution attacks that could allow hackers to take complete control of a compromised machine. Here’s a snapshot of the critical issues:


MFSA 2009-32 JavaScript chrome privilege escalation

Mozilla security researcher moz_bug_r_a4 reported a vulnerability which allows scripts from page content to run with elevated privileges. Using this vulnerability, an attacker could cause a chrome privileged object, such as the browser sidebar or the FeedWriter, to interact with web content in such a way that attacker controlled code may be executed with the object’s chrome privileges.

MFSA 2009-29 Arbitrary code execution using event listeners attached to an element whose owner document is null

Mozilla security researcher moz_bug_r_a4 reported that the owner document of an element can become null after garbage collection. In such cases, event listeners may be executed within the wrong JavaScript context. An attacker could potentially use this vulnerability to have a malicious event handler execute arbitrary JavaScript with chrome privileges.

MFSA 2009-28 Race condition while accessing the private data of a NPObject JS wrapper class object

more.. link to news article
Back to top  
 
       Power Sellers Unite Forum Index -> Webmasters and Programmers technical help.
Page 1 of 1




Powered by phpBB © 2001, 2002 phpBB Group