« .NET Framework rootkits - backdoors inside your framework | Main | MS explains 7-year patch delay »

Firefox 3.0.4 Released to address multiple security flaws

A handful of security vulnerabilities have been fixed in the latest version of firefox.

Fixed in Firefox 3.0.4

MFSA 2008-58     Parsing error in E4X default namespace
MFSA 2008-57     -moz-binding property bypasses security checks on codebase principals
MFSA 2008-56     nsXMLHttpRequest::NotifyEventListeners() same-origin violation
MFSA 2008-55     Crash and remote code execution in nsFrameManager
MFSA 2008-54     Buffer overflow in http-index-format parser
MFSA 2008-53     XSS and JavaScript privilege escalation via session restore
MFSA 2008-52     Crashes with evidence of memory corruption (rv:
MFSA 2008-51     file: URIs inherit chrome privileges when opened from chrome
MFSA 2008-47     Information stealing via local shortcut files

Additional Details: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html#firefox3.0.4
More Info: http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxo....
Release Notes: http://www.mozilla.com/en-US/firefox/3.0.4/releasenotes/


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!