Vincenzo Di Russo's [MVP IE] Blog


enzodirusso


--------------------------------------------

--------------------------------------------

--------------------------------------------

Ora e Data
Calendario
dicembre 2017
lmmgvsd
27282930123
45678910
11121314151617
18192021222324
25262728293031
1234567

Mozilla Firefox 3 Unspecified Code Execution Vulnerability.


Mozilla Firefox 3.0 Vulnerability

TippingPoint riporta una vulnerabilità di Mozilla Firefox 3, che riguarda anche le precedenti versioni. Mozilla Security Team investiga sul problema e si attende il rilascio di una patch al più presto.
I dettagli della vulnerabilità non sono stati resi pubblici per motivi di sicurezza.

"... What we can confirm is that about five hours after the official release of Firefox 3.0 on June 17th, our Zero Day Initiative program received a critical vulnerability affecting Firefox 3.0 as well as prior versions of Firefox 2.0.x. We verified the vulnerability in our lab, acquired it from the researcher, then promptly reported the vulnerability to the Mozilla security team shortly after. Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code. Not unlike most browser based vulnerabilities that we see these days, user interaction is required such as clicking on a link in email or visiting a malicious web page..."

Mozilla Security Blog: New Security Issue Under Investigation
18 June 2008
"... TippingPoint ZDI notified Mozilla of a vulnerability in Firefox that impacts versions 2.x and 3.0.  This issue is currently under investigation.  To protect our users, the details of the issue will remain closed until a patch is made available.  There is no public exploit, the details are private, and so the current risk to users is minimal..."

  http://secunia.com/advisories/30761/
 
venerdì, 20 giu 2008 Ore. 07.07

Messaggi collegati


-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

Mappa
Copyright © 2002-2007 - Blogs 2.0
dotNetHell.it | Home Page Blogs
ASP.NET 2.0 Windows 2003