Debian Security Advisory DSA 1160-1 (mozilla)

The remote host is missing an update to mozilla announced via advisory DSA 1160-1. Several security related problems have been discovered in Mozilla and derived products. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2006-2779 Mozilla team members...

CVE-2006-3808

Mozilla Firefox before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote Proxy AutoConfig PAC servers to execute code with elevated privileges via a PAC script that sets the FindProxyForURL function to an eval method on a privileged object...

CVE-2005-3089

Summary of CVE-2005-3089: Firefox 1.0.6 is affected by a denial-of-service condition caused by a Proxy Auto-Config (PAC) script that uses an eval statement. The issue is specifically tied to Firefox 1.0.6 and may depend on whether an untrusted party triggers it; in the provided materials, this un...

security flaw

Firefox 1.0.6 allows attackers to cause a denial of service crash via a Proxy Auto-Config PAC script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability...