Firefox 3.6.13 plugs 11 nasty bugs

Posted on Friday, December 10 2010 @ 16:59 CET by Thomas De Maesschalck
Mozilla rolled out Firefox 3.6.13, this new release fixes a total of 11 security vulnerabilities. It includes nine bugs rated as critical, one rated as high and another one is listed as a moderate bug.
Moderate:
  • MFSA 2010-84 XSS hazard in multiple character encodings

    High:
  • MFSA 2010-83 Location bar SSL spoofing using network error page

    Critical:
  • MFSA 2010-82 Incomplete fix for CVE-2010-0179
  • MFSA 2010-81 Integer overflow vulnerability in NewIdArray
  • MFSA 2010-80 Use-after-free error with nsDOMAttribute MutationObserver
  • MFSA 2010-79 Java security bypass from LiveConnect loaded via data: URL meta refresh
  • MFSA 2010-78 Add support for OTS font sanitizer
  • MFSA 2010-77 Crash and remote code execution using HTML tags inside a XUL tree
  • MFSA 2010-76 Chrome privilege escalation with window.open and element
  • MFSA 2010-75 Buffer overflow while line breaking after document.write with long string
  • MFSA 2010-74 Miscellaneous memory safety hazards (rv:1.9.2.13/ 1.9.1.16)


  • About the Author

    Thomas De Maesschalck

    Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



    Loading Comments