DoctorDoom
04-17-2006, 07:18 PM
Impact:
Security Bypass
Cross Site Scripting
Spoofing
Exposure of sensitive information
DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software:
Mozilla Firefox 0.x
Mozilla Firefox 1.x
Description:
Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system.
[ 21 separate items listed ]
Solution:
Update to versions 1.0.8 or 1.5.0.2.
http://www.mozilla.com/firefox/Firefox Multiple Vulnerabilities (http://secunia.com/advisories/19631/)
These are listed as "Highly critical". Update is very strongly recommended.
Note: when updating the Windows version from 1.0.x to 1.5.0.2, many extensions won't work with it. Most have versions that were rewritten for 1.5.x.
Security Bypass
Cross Site Scripting
Spoofing
Exposure of sensitive information
DoS
System access
Where: From remote
Solution Status: Vendor Patch
Software:
Mozilla Firefox 0.x
Mozilla Firefox 1.x
Description:
Multiple vulnerabilities have been reported in Firefox, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, bypass certain security restrictions, disclose sensitive information, and potentially compromise a user's system.
[ 21 separate items listed ]
Solution:
Update to versions 1.0.8 or 1.5.0.2.
http://www.mozilla.com/firefox/Firefox Multiple Vulnerabilities (http://secunia.com/advisories/19631/)
These are listed as "Highly critical". Update is very strongly recommended.
Note: when updating the Windows version from 1.0.x to 1.5.0.2, many extensions won't work with it. Most have versions that were rewritten for 1.5.x.