[MACEP] New at ftp.mesd--Firefox 1.5.0.5
John Bromley
the.bromleys at verizon.net
Thu Jul 27 08:50:36 PDT 2006
The following files are new or updated in the /pub/mac directory of
the FTP server located at:
ftp://ftp.mesd.k12.or.us/pub/mac/.
Firefox 1.5.0.5
ftp://ftp.mesd.k12.or.us:21//pub/mac/Firefox1.5.0.5.dmg
Firefox1.5.0.5 includes important security fixes among its changes:
chrome: scheme loading remote content
Crashes with evidence of memory corruption (rv:1.8.0.5)
XSS with XPCNativeWrapper(window).Function(...)
UniversalBrowserRead privilege escalation
PAC privilege escalation using Function.prototype.call
Privilege escalation using named-functions and redefined "new Object()"
JavaScript engine vulnerabilities
JavaScript new Function race condition
Native DOM methods can be hijacked across domains
Memory corruption with simultaneous events
Javascript navigator Object Vulnerability
Code execution through deleted frame reference
--
John Bromley
(503) 668-3332
"Even if you're on the right track, you'll get run over if you just
sit there." ----- Will Rogers
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mesd.k12.or.us/pipermail/macep/attachments/20060727/a20b1296/attachment.html
More information about the MACEP
mailing list