Tag Archives: security - Page 2

Fixed in Firefox 3.0.11 (several security issues)

Posted by on 12/06/2009 No comments

We strongly recommend the update to Firefox 3.0.11.

Firefox 3.0.11 fixes several security issues found in Firefox 3.0.10 (4 Critical, 1 High, 2 Moderate, 2 Low):

MFSA 2009-32 JavaScript chrome privilege escalation
MFSA 2009-31 XUL scripts bypass content-policy checks
MFSA 2009-30 Incorrect principal set for file: resources loaded via location bar
MFSA 2009-29 Arbitrary code execution using event listeners attached to an element whose owner document is null
MFSA 2009-28 Race condition while accessing the private data of a NPObject JS wrapper class object
MFSA 2009-27 SSL tampering via non-200 responses to proxy CONNECT requests
MFSA 2009-26 Arbitrary domain cookie access by local file: resources
MFSA 2009-25 URL spoofing with invalid unicode characters
MFSA 2009-24 Crashes with evidence of memory corruption (rv:1.9.0.11)

The sooner… the safer!

;)

1 Star2 Stars (No Ratings Yet)
 Loading ... Loading ...
Share

ModSecurity Vulnerabilities Fixed

Posted by on 20/05/2009 No comments

ModSecurity versions 2.5.8 and 2.5.9 have been released to fix two vulnerabilities which could be used to cause a denial of service (DoS).  The first vulnerability is fixed in version 2.5.8 and the second (as it was disclosed after version 2.5.8 was already frozen) is fixed in version 2.5.9.  Because of this, the 2.5.8 release should be disregarded in favor of 2.5.9.  Both vulnerabilities, however, have workarounds until ModSecurity can be upgraded/patched.

Read more…

1 Star2 Stars (+8 rating, 2 votes)
 Loading ... Loading ...
Share