Mozilla Firefox XML User Interface Language Browser Interface Spoofing Vulnerability Solution:
Conectiva has released an advisory (CLA-2004:877) to address various issues including this issue in Mozilla. This advisory contains updated Mozilla packages (1.7.3) for Conectiva Linux 9 and 10. Please see the referenced advisory for more information.
SCO has released an advisory SCOSA-2005.25 including updated packages to address this issue. Please see the referenced advisory for more information.
Slackware has released an advisory (SSA:2004-223-01) to address this issue. Please see the referenced advisory for more information.
SGI has made available Patch 10095, correcting this vulnerability for systems running SGI Advanced Linux Environment 3:
Patch 10095 is available from http://support.sgi.com/ and
ftp://patches.sgi.com/support/free/security/patches/ProPack/3/
The individual RPMs from Patch 10095 are available from:
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS
SuSE Linux has released advisory SUSE-SA:2004:036 along with fixes dealing with this issue. Please see the referenced advisory for more information.
The Fedora Legacy project has released advisory FLSA-2004:2089 along with fixes to address multiple issues in RedHat Fedora Core 1, and RedHat Linux 7.3 and 9.0. Please see the referenced advisory for further information.
Mozilla has released version 1.0.1 of Firefox to address this, and other issues.
Mozilla Firefox Preview Release
Mozilla Firefox 0.10
Mozilla Firefox 0.10.1
Mozilla Firefox 0.8
Mozilla Firefox 0.9
Mozilla Firefox 0.9 rc
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Firefox 1.0
Mozilla Browser 1.2.1
Mozilla Browser 1.4
Mozilla Browser 1.4.1
Mozilla Browser 1.6
Mozilla Browser 1.7
