norrisa
Member
|
# Posted: 4 Jun 2006 19:54
Reply
Multiple vulnerabilities have been reported for Firefox; Some of which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP response smuggling attacks, and potentially compromise a user's system.
An error in JavaScript via EvalInSandbox security can be exploited to execute a code
Some errors in firefox are linked to memory corruption. If sucessful, exploitation may allow execution of arbitrary code.
Two errors in the handling of the "View Image" and "Show only this frame" can be exploited to execute HTML code/script code to trick a user into right-clicking and choosing "View Image" on a broken image. An error caused by presistent XUL attributes in some situations with an incorrect URL can be exploited to execute arbitrary JavaScript code with escalated privileges. An error caused due to content-defined setters on an object prototype being called by privileged code in the user interface can be exploited to execute arbitrary JavaScript code with escalated privileges.
An error caused due to an off-by-two array boundary error in the "crypto.signText()" function can be exploited to cause a buffer overflow by passing optional Certificate Authority name arguments.
An error exists due to Unicode Byte-order-Mark (BOM) data being stripped from documents served in UTF-8 during the conversion to Unicode. This can be exploited to bypass certain HTML and JavaScript filtering mechanisms in web applications using the UTF-8 character encoding.
An error in the processing of the addSelectionListener when handling notifications in certain situations can be exploited to execute arbitrary JavaScript code with escalated privileges.
Please update to version 1.5.0.4. to patch these problems. Update
Source:
Secunia
|