MyCity » Zaštita od zlonamernih programa -> Propusti i ažuriranja » Firefox & Thunderbird propusti / ažuriranje

Firefox & Thunderbird propusti / ažuriranje

Napisano na dan: 21.12.2011

Firefox & Thunderbird propusti / ažuriranje
Sledeća strana Pagination

Idi na vrh

Poslao: 21 Dec 2011 23:20
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

CVE-2011-3658

The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service (out-of-bounds memory access) or possibly have unspecified other impact via vectors involving removal of SVG elements.


CVE-2011-3660

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors.


CVE-2011-3661

YARR, as used in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted JavaScript.


CVE-2011-3663

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page by using SVG animation accessKey events within that web page.


CVE-2011-3664

Mozilla Firefox before 9.0, Thunderbird before 9.0, and SeaMonkey before 2.6 on Mac OS X do not properly handle certain DOM frame deletions by plugins, which allows remote attackers to cause a denial of service (incorrect pointer dereference and application crash) or possibly have unspecified other impact via a crafted web site.


CVE-2011-3665

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via an Ogg VIDEO element that is not properly handled after scaling.


CVE-2011-3666

Mozilla Firefox before 3.6.25 and Thunderbird before 3.1.17 on Mac OS X do not consider .jar files to be executable files, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted file. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-2372 on Mac OS X.


Source: National Vulnerability Database



Propusti su ispravljeni u najnovijim verzijama programa.

http://www.mycity.rs/Windows-Download/Firefox-9-x-FINAL.html

http://www.mycity.rs/Windows-Download/Mozilla-Thun.....ml#1255482



Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.

MyCity » Zaštita od zlonamernih programa -> Propusti i ažuriranja » Firefox & Thunderbird propusti / ažuriranje

Ko je trenutno na forumu
 

Ukupno su 1080 korisnika na forumu :: 35 registrovanih, 3 sakrivenih i 1042 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: babaroga, cenejac111, Dimitrise93, djboj, DPera, draganca, dushan, esx66, HrcAk47, ikan, janbo, kobaja77, Koridor, KUZMAR, ladro, laki_bb, laurusri, mercedesamg, Millennium, milutin134, mnn2, Nemanja.M, Panter, rajkoplje, raptorsi, Rogan33, Srle993, stegonosa, Tas011, Trpe Grozni, Vlada1389, vladulns, šumar bk2, žeks62, 79693