Im not sure if this topic is suited in plug. anyway just to inform plug users.
* Technical Description * Several vulnerabilities were identified in Mozilla Suite, Firefox and Thunderbird, which may be exploited by attackers to execute arbitrary commands or bypass certain security features. - The first vulnerability is due to a heap overrun error when processing a Netscape-specific extension block in GIF images, which may be exploited to run arbitrary code on a vulnerable system via a web page or email message containing a specially crafted GIF image. - The second flaw occurs if a user bookmarked a specially crafted page as a Firefox sidebar panel, which could be exploited to execute arbitrary programs by opening a privileged page and injecting javascript into it. - The third issue occurs when handling specially crafted XUL files, and may be exploited to bypass the restriction on opening privileged XUL. * Affected Products * Mozilla Firefox version 1.0.1 and prior Mozilla Suite version 1.7.5 and prior Mozilla Thunderbird version 1.0.1 and prior * Solution * Mozilla Firefox version 1.0.2 Mozilla Suite version 1.7.6 Mozilla Thunderbird version 1.0.2 * References * http://www.k-otik.com/english/advisories/2005/0296 https://bugzilla.mozilla.org/show_bug.cgi?id=284627 https://bugzilla.mozilla.org/show_bug.cgi?id=285595 https://bugzilla.mozilla.org/show_bug.cgi?id=285438 -- "mailing lists is my personal knowledgebase" -- Philippine Linux Users' Group (PLUG) Mailing List plug@lists.q-linux.com (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
