Debian: DSA 1118-1 Critical: Mozilla Multiple Remote Threats
debian
July 22, 2006
Updated package.
Topics Covered
Summary
Eric Foley discovered that a user can be tricked to expose a local
file to a remote attacker by displaying a local file as image in
connection with other vulnerabilities. [MFSA-2006-39]
CVE-2006-2775
XUL attributes are associated with the wrong URL under certain
circumstances, which might allow remote attackers to bypass
restrictions. [MFSA-2006-35]
CVE-2006-2776
Paul Nickerson discovered that content-defined setters on an
object prototype were getting called by privileged user interface
code, and "moz_bug_r_a4" demonstrated that the higher privilege
level could be passed along to the content-defined attack code.
[MFSA-2006-37]
CVE-2006-2777
A vulnerability allows remote attackers to execute arbitrary code
and create notifications that are executed in a privileged
context. [MFSA-2006-43]
CVE-2006-2778
Mikolaj Habryn a buffer overflow in the crypto.signText function
that allows remote attackers to execute arb...
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!