Thursday, April 23, 2009

Mozilla Firefox 3.0.9

The latest release fixed several security issues:

MFSA 2009-22 Firefox allows Refresh header to redirect to javascript: URIs

MFSA 2009-21 POST data sent to wrong site when saving web page with embedded frame

MFSA 2009-20 Malicious search plugins can inject code into arbitrary sites

MFSA 2009-19 Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString

MFSA 2009-18 XSS hazard using third-party stylesheets and XBL bindings

MFSA 2009-17 Same-origin violations when Adobe Flash loaded via view-source: scheme

MFSA 2009-16 jar: scheme ignores the content-disposition: header on the inner URI

MFSA 2009-15 URL spoofing with box drawing character

MFSA 2009-14 Crashes with evidence of memory corruption (rv:1.9.0.9)

No comments: