ESA-2011-035: RSA, The Security Division of EMC, announces the release of Hotfix 6 with security updates for RSA Key Manager Appliance 2.7 Service Pack 1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-035: RSA, The Security Division of EMC, announces the release of Hotfix 6 with security updates for RSA Key Manager Appliance 2.7 Service Pack 1 Advisories Updated October 28, 2011 Summary: RSA has delivered an update on RSA Key Manager...

CVE-2011-2369

CVE-2011-2369 is a cross-site scripting vulnerability in SeaMonkey as described in NASL entry SeaMonkey

CVE-2011-2368

The WebGL implementation in Mozilla Firefox 4.x through 4.0.1 does not properly restrict write operations, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors...

Firefox 4 With Content Security Policy Due Tuesday

Firefox 4, the newest version of Mozilla’s flagship browser slated for release today, includes a variety of security and privacy protections, but perhaps the most important of them is the addition of the Content Security Policy. The mechanism, which is enabled by default in Firefox 4, is designed...

Mozilla introduces the "Web Apps" project just before release of release of Firefox 4 final !

Shortly before the release of the final version of Firefox 4, the Mozilla developers have introduced the "Web Apps" project. These apps are expected to play a major role play in future browsers, and in such a future, the browser will not just be for viewing web pages but will be a platform for...

CVE-2010-4508

The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification...

SuSE 10 Security Update : Mozilla (ZYPP Patch Number 7196)

The Mozilla NSS Library was updated to version 3.12.8 and the Mozilla NSPR Library was updated to 4.8.6 to fix various bugs and one security issue : - Disallow wildcard matching in X509 certificate Common Names. CVE-2010-3170 This update also has preparations for Firefox 4 support, and a updated...

Firefox 4 to Include HTTP Strict Transport Security Support

In an effort to help mitigate man-in-the-middle attacks that make normal HTTP connections look like secured HTTPS sessions, Mozilla is adding support in Firefox 4 for a new technology called HTTP Strict Transport Security that enables site operators to tell browsers to always request an HTTPS...

HTML 5 Comes With SQL Injection Risks

Internet Explorer 9 and Firefox 4 will support it, and Microsoft recently touted its advantages. But the upcoming version of HTML, which builds rich Internet application features into the Web programming language and shifts more Web functions to the client machine, also could open up new Web atta...