Thu, May 31 2007 6:50
Mozilla Firefox Multiple Vulnerabilities - May 31, 2007
Some vulnerabilities have been reported in
Mozilla Firefox, which can be exploited by malicious people to conduct
spoofing attacks, bypass certain security restrictions, and potentially
compromise a user's system.
2) An error in the "addEventListener" method can be exploited to inject
script into another site, circumventing the browser's same-origin
policy. This could be used to access or modify sensitive information
from the other site.
3) An error in the handling of XUL popups can be exploited to spoof parts of the browser such as the location bar.
Secunia has constructed the Secunia Software Inspector, which you can use to check if your system is vulnerable:
Update to version 18.104.22.168 or 22.214.171.124.
Filed under: Advisories / Bulletins