Huntsville Macintosh Users Group
Mac News That Matters

Home | Archive | UNIX

Join the Group | About Us | Calendar | Contact Us | Site Index

Security Update: Firefox 3.5.4

(2009-10-28 12:59:40)

Mozilla.org has updated Firefox to version 3.5.4. The updated addresses the following security related issues:

• Crashes with evidence of memory corruption (rv:1.9.1.4/ 1.9.0.15)
• Upgrade media libraries to fix memory safety bugs
• Download filename spoofing with RTL override
• Cross-origin data theft through document.getSelection()
• Heap buffer overflow in string to number conversion
• Chrome privilege escalation in XPCVariant::VariantDataToJS()
• Heap buffer overflow in GIF color map parser
• Crash in proxy auto-configuration regexp parsing
• Crash with recursive web-worker calls
• Local downloaded file tampering
• Form history vulnerable to stealin

Search WWW Search www.hmug.org

© The Huntsville Macintosh Users Group 1995-2010
Apple, the Apple Logo, and Macintosh are registered trademarks of Apple, Inc.
Other names may be registered trademarks of their respective owners.