Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mozilla Security Release - New Firefox And Thunderbird Versions


  • Please log in to reply
1 reply to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:10:17 AM

Posted 21 December 2006 - 10:55 AM

Security updates have been issued for Firefox, Thunderbird, Seamonkey and other Mozilla products that fix critical security vulnerabilities. These vulnerabilities could be exploited by attackers to take complete control of an affected system or bypass security restrictions. All users should install these udpates as soon as possible.

Mozilla Security Release - New Firefox and Thunderbird versions
http://www.mozilla.com/en-US/firefox/2.0.0.1/releasenotes/
http://www.mozilla.org/projects/security/k...#firefox2.0.0.1

Fixed in Firefox 2.0.0.1

MFSA 2006-68 Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)
http://www.mozilla.org/security/announce/2...fsa2006-68.html

MFSA 2006-69 CSS cursor image buffer overflow (Windows only)
http://www.mozilla.org/security/announce/2...fsa2006-69.html

MFSA 2006-70 Privilege escallation using watch point
http://www.mozilla.org/security/announce/2...fsa2006-70.html

MFSA 2006-71 LiveConnect crash finalizing JS objects
http://www.mozilla.org/security/announce/2...fsa2006-71.html

MFSA 2006-72 XSS by setting img.src to java script: URI
http://www.mozilla.org/security/announce/2...fsa2006-72.html

MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
http://www.mozilla.org/security/announce/2...fsa2006-73.html

MFSA 2006-75 RSS Feed-preview referrer leak
http://www.mozilla.org/security/announce/2...fsa2006-75.html

MFSA 2006-76 XSS using outer window's Function object
http://www.mozilla.org/security/announce/2...fsa2006-76.html

Mozilla Security Center
http://www.mozilla.org/security/

Internet Storm Center
http://www.incidents.org/diary.php?storyid=1958

CERT
http://www.us-cert.gov/current/current_act...ml#mzsecadv1206

FrSIRT
http://www.frsirt.com/english/advisories/2006/5068

Secunia
http://secunia.com/advisories/23282/

Zero-Day Initiative - Fixing the SVG vulnerability is critical
http://www.zerodayinitiative.com/advisories/ZDI-06-051.html
http://www.mozilla.org/security/announce/2...fsa2006-73.html

Firefox Product Page and Download link
(most users should be able to auto-update to the new release)
http://www.mozilla.com/en-US/firefox/

Thunderbird Product Page and Download link
http://www.mozilla.com/en-US/thunderbird/

Seamonkey Product Page and Download link
http://www.mozilla.org/projects/seamonkey/

BC AdBot (Login to Remove)

 


#2 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:09:17 AM

Posted 21 December 2006 - 11:09 AM

Users of Thunderbird and Firefox 1.5 and above will receive automatic notification that there is a new version (update) available.
Cheers,
John
Whereof one cannot speak, thereof one should be silent.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users