Search, View and Navigation
Main Menu
Mailing List
[SingCERT] Security Updates for Mozilla Firefox
Last Updated on Thursday, 26 April 2012 15:27
[ Summary ]
Mozilla Firefox has released a fix for their product which was reported to have multiple vulnerabilities that allow remote users execute arbitrary code, spoof web sites, obtain information, and conduct Cross-Site Scripting Attacks. The update will fix these vulnerabilities.
[ Affected Systems ]
All versions prior to 12.0
[ Impact Analysis ] Successful exploitation of these vulnerabilities could allow A remote user to create content that, when loaded by the target user, will execute arbitrary code on the target user's system. [ Solution/Workaround ] Mozilla Firefox has issued a fix (12.0) [ Reference ] http://www.mozilla.org/security/announce/2012/mfsa2012-20.html
A remote user can access the target user's cookies (including authentication cookies), if any, associated with a target site, access data recently submitted by the target users via web form to the site, or take actions on the site acting as the target user.
A remote user can spoof certain web sites.
A remote user can obtain potentially sensitive information.
http://www.mozilla.org/security/announce/2012/mfsa2012-21.html
http://www.mozilla.org/security/announce/2012/mfsa2012-23.html
http://www.mozilla.org/security/announce/2012/mfsa2012-24.html
http://www.mozilla.org/security/announce/2012/mfsa2012-25.html
http://www.mozilla.org/security/announce/2012/mfsa2012-26.html
http://www.mozilla.org/security/announce/2012/mfsa2012-27.html
http://www.mozilla.org/security/announce/2012/mfsa2012-28.html
http://www.mozilla.org/security/announce/2012/mfsa2012-29.html
http://www.mozilla.org/security/announce/2012/mfsa2012-30.html
http://www.mozilla.org/security/announce/2012/mfsa2012-31.html
http://www.mozilla.org/security/announce/2012/mfsa2012-32.html
http://www.mozilla.org/security/announce/2012/mfsa2012-33.html
| < Prev | Next > |
|---|