فا

‫ Mozilla Firefox / Firefox ESR / SeaMonkey Two Vulnerabilities

ID: IRCAD2015033828
Release Date: 2015-03-20
Criticality level: Highly critical
Software:
Mozilla Firefox 31.x
Mozilla Firefox 36.x
Mozilla SeaMonkey 2.x
Description:
Two vulnerabilities have been reported in Mozilla Firefox, Firefox ESR, and SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
1) An error when handling SVG navigation can be exploited to bypass the same-origin policy.
This vulnerability is reported in Mozilla Firefox versions prior to 36.0.4, Firefox ESR versions prior to 31.5.3, and SeaMonkey versions prior to 2.33.1.
2) A boundary error within the JavaScript just-in-time compilation (JIT) can be exploited to execute arbitrary code.
This vulnerability is reported in Mozilla Firefox versions prior to 36.0.3, Firefox ESR versions prior to 31.5.2, and SeaMonkey versions prior to 2.33.1.
Solution
Update to a fixed version.
References:
Secunia:
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 6 اردیبهشت 1394

امتیاز

امتیاز شما
تعداد امتیازها:0