Update Firefox...

Started by Melbosa, April 17, 2006, 02:35:15 PM

Previous topic - Next topic

Melbosa

Thought I'd let you know, any Mozilla Browser peeps out there, just got official notice of some vulnerabilities that need to be addressed with an upgrade to the latest version of your browsers.



FYI
Sometimes I Think Before I Type... Sometimes!

Mr. Analog

By Grabthar's Hammer

Lazybones

Received the autoupdate already on both my systems.

Thorin

Quote from: "Mr. Analog"Linkage?

http://www.mozilla.com/firefox/releases/1.5.0.2.html



I got there by clicking Help->Check for Updates... in Firefox. :)
Prayin' for a 20!

gcc thorin.c -pedantic -o Thorin
compile successful

Tom

Hmm, ever since Firefox started eating all my ram (even with 1GB), I switched back to Konqueror.
<Zapata Prime> I smell Stanley... And he smells good!!!

Mr. Analog

Quote from: "Tom"Hmm, ever since Firefox started eating all my ram (even with 1GB), I switched back to Konqueror.

What OS is that? I haven't had any problems (and I use multiple tabs a lot). (Currently using 45 MBs).
By Grabthar's Hammer

Tom

I tend to use multiple windows with multiple tabs.. And my firefox process would eat at least 100MB, sometimes around 200-300MB.



As for my OS, it be linux.
<Zapata Prime> I smell Stanley... And he smells good!!!

Melbosa

Quote from: "Mr. Analog"Linkage?



These might be the links you were looking for:



http://www.mozilla.org/security/announce/

http://www.mozilla.org/projects/security/known-vulnerabilities.html

http://www.kb.cert.org/vuls/byid?searchview&query=mozilla_April_2006



I subscribe to the cert alerts, both technical and professional.  They only release information once they have a solution, as to reduce possibility of exploiters taking advantage of found vulnerabilities.
Sometimes I Think Before I Type... Sometimes!

Mr. Analog

Yep found 'em already just thought you might have them before I started hitting the update sites.
By Grabthar's Hammer

Darren Dirt

Happy to see that with 1.5.2 my fave extension "Launchy" still works :)





PS: wow, check out the description of some of the security holes and stuff -- some very creative minds when it comes to finding new (theoretical) ways to execute malicious code...



Mozilla Foundation Security Advisories ( http://www.mozilla.org/security/announce/ ) ...



April 13, 2006

MFSA 2006-29 Spoofing with translucent windows

MFSA 2006-28 Security check of js_ValueToFunctionObject() can be circumvented

MFSA 2006-26 Mail Multiple Information Disclosure

MFSA 2006-25 Privilege escalation through Print Preview

MFSA 2006-24 Privilege escalation using crypto.generateCRMFRequest

MFSA 2006-23 File stealing by changing input type

MFSA 2006-22 CSS Letter-Spacing Heap Overflow Vulnerability

MFSA 2006-20 Crashes with evidence of memory corruption (rv:1.8.0.2)

MFSA 2006-19 Cross-site scripting using .valueOf.call()

MFSA 2006-18 Mozilla Firefox Tag Order Vulnerability

MFSA 2006-17 cross-site scripting through window.controllers

MFSA 2006-16 Accessing XBL compilation scope via valueOf.call()

MFSA 2006-15 Privilege escalation using a JavaScript function's cloned parent

MFSA 2006-14 Privilege escalation via XBL.method.eval

MFSA 2006-13 Downloading executables with "Save Image As..."

MFSA 2006-12 Secure-site spoof (requires security warning dialog)

MFSA 2006-11 Crashes with evidence of memory corruption (rv:1.8)

MFSA 2006-10 JavaScript garbage-collection hazard audit

MFSA 2006-09 Cross-site JavaScript injection using event handlers





I bolded my personal favorite; read the description to see why, wow that's a twisted mind who would think of doing that :o





- - -



On the topic of Firefox popularity, check out these interesting Browser Statistics from W3Schools.com .
_____________________

Strive for progress. Not perfection.
_____________________