LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-03-2009, 06:12 PM   #136
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371

Firefox 3.5.2 and 3.0.13 have been released.

They address the aforementioned security vulnerabilities.

Last edited by win32sux; 08-03-2009 at 06:14 PM.
 
Old 09-09-2009, 06:18 PM   #137
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 3.5.3 and 3.0.14 have been released.

They include fixes for several security vulnerabilities (three which are rated as Critical).

Last edited by win32sux; 09-09-2009 at 06:21 PM.
 
Old 10-14-2009, 07:59 AM   #138
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Security Mozilla Plugin Check Now Live

This new initiative is destined to have a positive impact on the overall security of the Firefox user community. To read the Mozilla Security Blog article, click here. You can use the Web-based version of the tool right now, or you can wait for Firefox 3.6 to be released, which will have this functionality built into it.

Last edited by win32sux; 10-14-2009 at 08:03 AM.
 
Old 10-28-2009, 02:37 AM   #139
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 3.5.4 and 3.0.15 have been released.

They include fixes for many security vulnerabilities (several which are rated as Critical).

BTW, the corresponding Secunia Advisory is here.

Last edited by win32sux; 10-28-2009 at 05:20 AM. Reason: Added link to Secunia Advisory.
 
Old 12-16-2009, 09:56 AM   #140
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 3.5.6 and 3.0.16 have been released.

They include fixes for many security vulnerabilities (several which are rated as Critical).

The corresponding Secunia Advisory is here.

Last edited by win32sux; 12-16-2009 at 09:58 AM.
 
Old 01-05-2010, 07:47 PM   #141
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 3.5.7 and 3.0.17 have been released, but they don't seem to address any security problems AFAICT.
 
Old 02-17-2010, 04:07 PM   #142
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 3.5.8 and 3.0.18 have been released.

They include fixes for many security vulnerabilities (several which are rated as Critical).

The corresponding Secunia Advisory is here.

Last edited by win32sux; 02-19-2010 at 01:06 AM. Reason: Added link to Secunia Advisory.
 
Old 02-20-2010, 02:18 AM   #143
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Exclamation Mozilla Firefox Unspecified Code Execution Vulnerability

Quote:
A vulnerability has been reported in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary code.

The vulnerability is reported in version 3.6. Other versions may also be affected.
Secunia Advisory
 
Old 02-20-2010, 06:37 PM   #144
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Am I the only one who finds it a bit sad that Mozilla doesn't use their security blog to provide some kind of official statement regarding zero-day vulnerabilities such as the one above?

Last edited by win32sux; 02-20-2010 at 06:39 PM.
 
Old 02-21-2010, 07:26 AM   #145
GazL
Senior Member
 
Registered: May 2008
Posts: 3,393

Rep: Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919
Quote:
Originally Posted by win32sux View Post
Am I the only one...
Nope, not just you. Knowing whether running with javascript off mitigates this, or even whether it's platform specific would certainly help while waiting for them to sort it out.
 
Old 02-21-2010, 08:06 AM   #146
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by GazL View Post
Knowing whether running with javascript off mitigates this, or even whether it's platform specific would certainly help while waiting for them to sort it out.
My thoughts exactly.

Last edited by win32sux; 02-21-2010 at 08:15 AM.
 
Old 02-22-2010, 06:42 AM   #147
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
An article posted today on The Inquirer makes it sound like this is Windows-specific.

Anyone here been able to get any particulars on this vulnerability yet?

Last edited by win32sux; 02-22-2010 at 06:46 AM.
 
Old 02-22-2010, 12:27 PM   #148
Stroker
Member
 
Registered: Dec 2006
Location: The Nature Coast
Distribution: Slackware 01001101
Posts: 83

Rep: Reputation: 18
Quote:
Originally Posted by win32sux View Post
An article posted today on The Inquirer makes it sound like this is Windows-specific.

Anyone here been able to get any particulars on this vulnerability yet?
From your link
Secunia Advisory

Follow the "Original Advisory" url in which it states:

Quote:
clientside/vd_ff - 0day Firefox exploit (XP SP3, Vista)
Apparently, it's a MS problem and limited to XP an Vista only.
 
Old 02-22-2010, 02:31 PM   #149
GazL
Senior Member
 
Registered: May 2008
Posts: 3,393

Rep: Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919Reputation: 919
Quote:
Originally Posted by Stroker View Post
Follow the "Original Advisory" url in which it states:
Call me paranoid, but for some strange reason I didn't quite fancy going to the site of some unknown (to me at any rate) Russian hacker who found this vulnerability with my potentially vulnerable browser to read about it.
 
Old 02-23-2010, 12:07 AM   #150
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Well, they've finally posted on their blog.

The post essentially boils down to them not being totally sure what's going on yet.

Last edited by win32sux; 02-23-2010 at 12:09 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Mozilla Thunderbird to Find New Home as Mozilla Foundation Focuses on Mozilla Firefox LXer Syndicated Linux News 0 07-27-2007 09:16 AM
LXer: Mozilla Firefox 1.5.0.8 and Mozilla Thunderbird 1.5.0.8 Released LXer Syndicated Linux News 0 11-09-2006 05:21 PM
LXer: Mozilla Corporation Signs Mozilla Firefox Distribution Deal with RealNetworks LXer Syndicated Linux News 0 08-03-2006 03:21 PM
LXer: Mozilla Firefox and Mozilla Thunderbird 1.5.0.5 Community Test Day LXer Syndicated Linux News 0 07-14-2006 08:54 AM
Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers! t3gah Linux - Security 6 04-09-2006 04:00 AM


All times are GMT -5. The time now is 05:30 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration