Ubuntu
firefox package

Several security fixes in 1.5.0.7

Bug #60806 reported by JoseStefan on 2006-09-16

260

Affects		Status	Importance	Assigned to	Milestone
	firefox (Ubuntu)	Fix Released	Undecided	Martin Pitt

Bug Description

http://www.mozilla.com/firefox/releases/1.5.0.7.html

Critical:
MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
MFSA 2006-60 RSA Signature Forgery
MFSA 2006-59 Concurrency-related vulnerability
MFSA 2006-57 JavaScript Regular Expression Heap Corruption

Moderate:
MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing

Low:
MFSA 2006-61 Frame spoofing using document.open()

CVE References

Revision history for this message

Martin Pitt (pitti) wrote on 2006-09-22:

http://www.ubuntu.com/usn/usn-351-1, see that text for details of other releases.

Changed in firefox:
assignee:	nobody → pitti
status:	Unconfirmed → Fix Released

Report a bug

This report contains Public Security information

Everyone can see this security related information.

Duplicates of this bug

Bug #61255

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntufirefox package