Which of these security flaws are present in SM 2.6.1

Mon, 26 Dec 2011 19:10:22 -0800 

In their 12/22/2011 security bulletin,
@RISK: The Consensus Security Vulnerability Alert Week 52 2011
SANS reports the following vulnerabilities in Mozilla FF & TB releases.
Since SM code is so closely related to the Moz. FF & TB codes,
which, if any, of these vulnerabilities are present in SM 2.6.1
and when are they due to be removed?

*************************************************************

(3) HIGH: Mozilla Firefox Multiple Security Vulnerabilities
Affected: Firefox 8.x

Description: Mozilla has released patches for multiple security
vulnerabilities affecting its Firefox web browser. The vulnerabilities
include unspecified memory corruptions, an unspecified crash caused by
faulty regular expression handling in the YARR library, and a memory
corruption vulnerability within Mozilla's SVG implementation that can
be triggered within the DOMAttrModified event handle. It is likely that
some of these vulnerabilities could be exploited in order to execute
code on a target's machine. To do so, an attacker would have to entice
a target to view a malicious web page.

Status: vendor confirmed, updates available

References:
Vendor Site
http://www.mozilla.org
Mozilla Firefox Security Bulletins
http://www.mozilla.org/security/announce/2011/mfsa2011-53.html
http://www.mozilla.org/security/announce/2011/mfsa2011-54.html
http://www.mozilla.org/security/announce/2011/mfsa2011-55.html
http://www.mozilla.org/security/announce/2011/mfsa2011-56.html
http://www.mozilla.org/security/announce/2011/mfsa2011-57.html
http://www.mozilla.org/security/announce/2011/mfsa2011-58.html
SecurityFocus BugTraq ID
http://www.securityfocus.com/bid/51138
http://www.securityfocus.com/bid/51133
http://www.securityfocus.com/bid/51134
http://www.securityfocus.com/bid/51135
http://www.securityfocus.com/bid/51136
http://www.securityfocus.com/bid/51137

*************************************************************
- -- Rostyk 
_______________________________________________
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey

Reply via email to