firefox security update

CentOS Errata and Security Advisory CESA-2010:0500 An updated firefox package that addresses security issues, fixes bugs, adds numerous enhancements, and upgrades Firefox to version 3.6.4, is now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as...

Firefox JavaScript引擎Math.Random()跨域信息泄露漏洞

BUGTRAQ ID: 33276 CVE ID: CVE-2009-1696,CVE-2008-5913 Firefox是非常流行的开源WEB浏览器。 Firefox的JavaScript实现的Math.random函数中存在安全漏洞，攻击者可以对该函数的种子值进行逆向。由于对于每个浏览的会话伪随机数生成器仅提供了一次种子，因此可以将这个种子值用作唯一的令牌跨不同的网站识别和追踪用户。 Mozilla Firefox 3.6.x Mozilla Firefox 3.5.x Mozilla SeaMonkey 2.0.5 厂商补丁： Debian ------...

FreeBSD : mozilla -- multiple vulnerabilities (99858b7c-7ece-11df-a007-000f20797ede)

Mozilla Project reports : MFSA 2010-33 User tracking across sites using Math.random MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present MFSA 2010-31 focus behavior can be used to inject or steal keystrokes MFSA 2010-30 Integer Overflow in XSLT Node Sorting...

Mozilla Foundation Security Advisory 2010-33

Mozilla Foundation Security Advisory 2010-33 Title: User tracking across sites using Math.random Impact: Low Announced: June 22, 2010 Reporter: Amit Klein Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 SeaMonkey 2.0.5 Description Security researcher Amit Klein reported that i...

devhelp, esc, firefox, gnome, totem, xulrunner, yelp security update

CentOS Errata and Security Advisory CESA-2010:0501 Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update a...

RHEL 5 : firefox (RHSA-2010:0501)

Updated firefox packages that address several security issues, fix bugs, add numerous enhancements, and upgrade Firefox to version 3.6.4, are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common...

SeaMonkey < 2.0.5 Multiple Vulnerabilities

Binary data 800874.prm...

Firefox 3.6.x < 3.6.4 Multiple Vulnerabilities

Binary data 800742.prm...

Mozilla Firefox < 3.5.10 Multiple Vulnerabilities

Binary data 5579.prm...

User tracking across sites using Math.random() — Mozilla

Security researcher Amit Klein reported that it was possible to reverse engineer the value used to seed Math.random. Since the pseudo-random number generator was only seeded once per browsing session, this seed value could be used as a unique token to identify and track users across different web...

Google Chrome 'Math.Random()'随机数生成漏洞

Bugraq ID: 36185 Google Chrome是一款流行的WEB浏览器。 Google Chrome 'Math.Random'随机数生成函数存在安全问题，允许应用程序生成弱随机数，攻击者可以利用漏洞获得敏感信息或获得未授权访问。 Google Chrome 3.0 Beta 目前没有详细解决方案提供： http://www.google.com/chrome ?php define"MAXJSMILEAGE",10000; $two31=bcpow2,31; $two32=bcpow2,32; function adv$x global $two31; return...