FreeBSD : mozilla -- multiple vulnerabilities (810a5197-e0d9-11dc-891a-02061b08fc24)

The Mozilla Foundation reports of multiple security issues in Firefox, SeaMonkey, and Thunderbird. Several of these issues can probably be used to run arbitrary code with the privilege of the user running the program. - Web forgery overwrite with div overlay - URL token stealing via stylesheet...

openSUSE 10 Security Update : seamonkey (seamonkey-5012)

This update brings Mozilla SeaMonkey to security update version 1.8.1.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of...

SuSE 10 Security Update : MozillaFirefox (ZYPP Patch Number 5001)

This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - Web forgery overwrite with div overlay. MFSA 2008-11 / CVE-2008-0594 - URL token stealing via stylesheet redirect. MFSA 2008-10 / CVE-2008-0593 - Mishandling of locally-saved plain te...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-5002)

This update brings Mozilla Firefox to security update version 2.0.0.12 Following security problems were fixed : - MFSA 2008-11/CVE-2008-0594 Web forgery overwrite with div overlay - MFSA 2008-10/CVE-2008-0593 URL token stealing via stylesheet redirect - MFSA 2008-09/CVE-2008-0592 Mishandling of...

File action dialog tampering — Mozilla

Security researcher Michal Zalewski demonstrated that timer-enabled security dialogs can be subverted by attackers using JavaScript to change the window focus. Zalewski showed that a user could be tricked into confirming a security dialog of this type by bringing the dialog back into focus right...