Users of Firefox and Xulrunner please be advised of a Several dangling pointer vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
USN-975-2: [USN-975-2] Firefox and Xulrunner regression
Several dangling pointer vulnerabilities were discovered in Firefox. An
attacker could exploit this to crash the browser or possibly run arbitrary
code as the user invoking the program. (CVE-2010-2760, CVE-2010-2767,CVE-2010-3167)
Blake Kaplan and Michal Zalewski discovered several weaknesses in the
XPCSafeJSObjectWrapper (SJOW) security wrapper. If a user were tricked into
viewing a malicious site, a remote attacker could use this to run arbitraryJavaScript with chrome privileges. (CVE-2010-2762)Read more at www.criticalwatch.com
See this Amp at http://bit.ly/9FhdZs
No comments:
Post a Comment