Mozilla/Firefox Browsers URI Drag And Drop Cross-Domain Scripting Vulnerability Solution:
The vendor has reported that this vulnerability is addressed in Mozilla version 1.7.3 and Firefox version 0.10.
Conectiva has released an advisory (CLA-2004:877) to address various issues including this issue in Mozilla. This advisory contains updated Mozilla packages (1.7.3) for Conectiva Linux 9 and 10. Please see the referenced advisory for more information.
RedHat Linux has released advisory RHSA-2004:486-18 along with fixes to address this, and other issues for RedHat Enterprise Linux operating systems. Please see the referenced advisory for further information on obtaining fixes.
HP has released an advisory (SSRT4826) dealing with this issue for their Tru64 UNIX platform. Please see the referenced advisory for more information.
SuSE Linux has released advisory SUSE-SA:2004:036 along with fixes dealing with this issue. Please see the referenced advisory for more information.
The Fedora Legacy project has released advisory FLSA-2004:2089 along with fixes to address multiple issues in RedHat Fedora Core 1, and RedHat Linux 7.3 and 9.0. Please see the referenced advisory for further information.
Mozilla Firefox 0.8
Mozilla Firefox 0.9
Mozilla Firefox 0.9 rc
Mozilla Firefox 0.9.1
Mozilla Firefox 0.9.2
Mozilla Firefox 0.9.3
Mozilla Browser 1.0 RC1
Mozilla Browser 1.0 RC2
Mozilla Browser 1.0
Mozilla Browser 1.0.1
Mozilla Browser 1.0.2
Mozilla Browser 1.1
Mozilla Browser 1.1 Alpha
Mozilla Browser 1.1 Beta
Mozilla Browser 1.2 Alpha
Mozilla Browser 1.2
Mozilla Browser 1.2 Beta
Mozilla Browser 1.2.1
Mozilla Browser 1.3
Mozilla Browser 1.3.1
Mozilla Browser 1.4 b
Mozilla Browser 1.4
Mozilla Browser 1.4 a
Mozilla Browser 1.4.1
Mozilla Browser 1.4.2
Mozilla Browser 1.5
Mozilla Browser 1.6
Mozilla Browser 1.7
Mozilla Browser 1.7 rc3
Mozilla Browser 1.7.1
Mozilla Browser 1.7.2
