Post Tue Jan 02, 2007 6:17 pm

Mozilla Issues 9 Security Advisories

The Mozilla Foundation issued nine security advisories of which six of them are for critical vulnerabilities:

December 19, 2006
MFSA 2006-76 XSS using outer window's Function object
MFSA 2006-75 RSS Feed-preview referrer leak
MFSA 2006-74 Mail header processing heap overflows
MFSA 2006-73 Mozilla SVG Processing Remote Code Execution
MFSA 2006-72 XSS by setting img.src to javascript: URI
MFSA 2006-71 LiveConnect crash finalizing JS objects
MFSA 2006-70 Privilege escallation using watch point
MFSA 2006-69 CSS cursor image buffer overflow (Windows only)
MFSA 2006-68 Crashes with evidence of memory corruption

http://www.mozilla.org/security/announce/

I mention this merely to make sure it's out there that many products, regardless of the image they have (or are given), are vulnerable.

Don
CISSP, MCSE, CSTA, Security+ SME