[virusinfo] Critical update for Firefox and Mozilla - 4/18/05

• From: "Mike" <mikebike@xxxxxxxxx>
• To: virusinfo@xxxxxxxxxxxxx
• Date: Mon, 18 Apr 2005 21:26:00 -0700

From: Panda Oxygen3:

"A good name is better than riches"
            Miguel de Cervantes Saavedra (1547-1616); Spanish writer.

               - Critical update for Firefox and Mozilla -
 Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, April 18 2005 - The release of the new versions Firefox 1.0.3 and
Mozilla 1.7.7 has been announced.  These new versions correct several
security vulnerabilities, including some critical ones which could allow
remote execution of code.

Two of these, which could be exploited by an attacker to automatically
install or run malicious code, affect versions prior to Firefox 1.0.3 and
Mozilla 1.7.7.

The first of these vulnerabilities can be exploited injecting javascript
code in link tags supporting "favicons", while the second is based on
overwriting values in DOM (Document Object Model).

There is also a third critical vulnerability, which in this case does not
affect Mozilla, and which allows the execution of arbitrary code remotely
via the Firefox side bar.

Firefox 1.0.3 and Mozilla 1.7.7 also deal with other vulnerabilities
considered as high and moderate risk.  Because of this situation, the
Mozilla foundation strongly advises users to update to the new versions,
available on its website at: http://www.mozilla.org

More details on the corrected vulnerabilities can be found at the following
address: http://www.mozilla.org/projects/security/known-vulnerabilities.html

NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
------------------------------------------------------------ 
The 5 viruses most frequently detected by Panda ActiveScan, Panda
Software's free online scanner:
1)Qhost.AF; 2)Mhtredir.gen; 3)Bagle.CA; 4)Bagle.CC; 5)Shinwow.E.

------------------------------------------------------------
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------

*********** MIKE"S REPLY SEPARATOR  ***********
Mike ~ It is a good day if I learned something new.
Editor MikesWhatsNews see a sample on my web page
http://www3.telus.net/mikebike
<mikeswhatsnews-request@xxxxxxxxxxxxx?Subject=subscribe>
http://www3.telus.net/mikebike/worm_removal.htm
See my Anti-Virus pages  http://virusinfo.hackfix.org/index
<virusinfo-request@xxxxxxxxxxxxx?Subject=subscribe>
A Technical Support Alliance  and OWTA Charter Member 

Other related posts:

• » [virusinfo] Critical update for Firefox and Mozilla - 4/18/05

1. Home
2. virusinfo
3. Archive
4. 04-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---